[Bug 8411] Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory

bugzilla at busybox.net bugzilla at busybox.net
Tue Nov 10 00:26:27 UTC 2015


https://bugs.busybox.net/show_bug.cgi?id=8411

--- Comment #9 from Tyler Hicks <tyhicks at canonical.com> 2015-11-10 00:26:27 UTC ---
(In reply to comment #6)
> Created attachment 6206 [details]
> Patch for busybox 1.22.0 v4
> 
> Oh, good catch.
> 
> Instead of matching ".." anywhere ("..foo" is totally valid after all!), I'm
> also now just matching on a literal ".."

Good point regarding "..foo". I guess that means that
strstr(file_header->link_target, "../") will unintentionally match a target of
"foo../bar".

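The matching problem discussed in this comment, as an added example that is not part of the original message or of the BusyBox patch: the substring test `strstr(target, "../")` is compared with a check that splits the link target on `/` and flags only a component that is exactly `..`. The helper names and the sample targets are constructed for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Substring test quoted in the comment: true if "../" occurs anywhere. */
static bool has_dotdot_substring(const char *target)
{
    return strstr(target, "../") != NULL;
}

/* Hypothetical helper: true only if a '/'-separated component is exactly "..". */
static bool has_dotdot_component(const char *target)
{
    const char *p = target;

    while (*p) {
        size_t len = strcspn(p, "/");   /* length of the current component */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return true;
        p += len;
        while (*p == '/')               /* skip one or more separators */
            p++;
    }
    return false;
}

int main(void)
{
    /* Constructed sample link targets, not taken from the bug report. */
    static const char *samples[] = {
        "../outside/file", "foo/../../bar", "foo/..", "..",
        "..foo", "foo../bar", "foo/..bar/baz", "a/.../b",
    };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-16s substring=%d component=%d\n", samples[i],
               has_dotdot_substring(samples[i]),
               has_dotdot_component(samples[i]));
    return 0;
}
```

The two tests disagree on `foo../bar` and `a/.../b` (substring matches, no `..` component) and on `foo/..` and `..` (a `..` component with no trailing slash, which the substring test misses). This covers only the `..` test; an absolute link target needs a separate check.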