[ArchLinux/community.git] / arj / repos / community-x86_64 / CVE-2015-0557-dir-traversal.patch
blob02d955c80531051941667c59a444b137bcf5de82
1 Description: Fix absolute path traversals.
2 Catch multiple leading slashes when checking for absolute path traversals.
4 Fixes CVE-2015-0557.
5 Author: Guillem Jover <guillem@debian.org>
6 Origin: vendor
7 Bug-Debian: https://bugs.debian.org/774435
8 Forwarded: no
9 Last-Update: 2015-02-26
11 ---
12 environ.c | 3 +++
13 1 file changed, 3 insertions(+)
15 --- a/environ.c
16 +++ b/environ.c
17 @@ -1087,6 +1087,8 @@ static char *validate_path(char *name)
18 if(action!=VALIDATE_DRIVESPEC)
20 #endif
21 + while (name[0]!='\0'&&
22 + (name[0]=='.'||name[0]==PATHSEP_DEFAULT||name[0]==PATHSEP_UNIX)) {
23 if(name[0]=='.')
25 if(name[1]=='.'&&(name[2]==PATHSEP_DEFAULT||name[2]==PATHSEP_UNIX))
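Review bot: The new `while` loop appears to have no exit for a name that starts with `.` but is neither `./` nor `../` (for example a dot-file such as `.profile`). The loop condition stays true on `name[0]=='.'`, the check on this line fails, and the separator test in the second hunk fails too, so none of the visible branches advances `name`. The lines between the two hunks are not shown, so this is inferred; the diffstat's three insertions are all visible here, so the patch adds no `break`. If it holds, a member name of that shape would hang extraction instead of being sanitised. A guard that is independent of the branch bodies would be `char *prev=name;` as the first statement of the loop and `if(name==prev) break;` just before the closing `}` added in the second hunk. `validate_path` starts and ends outside this hunk.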
26 @@ -1096,6 +1098,7 @@ static char *validate_path(char *name)
28 if(name[0]==PATHSEP_DEFAULT||name[0]==PATHSEP_UNIX)
29 name++; /* "\\" - revert to root */
30 + }
31 #if SFX_LEVEL>=ARJSFXV