jimzah/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src.git synced 2024-12-03 19:08:58 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
6989c166d6
freebsd-src/usr.bin/ar
History
Ed Maste ad964892e3 MFC r281311: ar: Disallow directory traversal 
Set ARCHIVE_EXTRACT_SECURE_SYMLINKS and ARCHIVE_EXTRACT_SECURE_NODOTDOT
  as in bsdtar to prevent extraction of archive entries whose pathnames
  contain .. or whose target directory would be altered by a symlink.
  Also disallow absolute pathnames.

  We don't currently provide an option to disable this behaviour (as
  bsdtar's -P does). It is unlikely to be a problem in practice for ar(1),
  but the -P option is not currently used and available if we want to
  consider it for this purpose.

Obtained from:	ELF tool chain ar, Ticket #474
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
2015-04-24 15:48:23 +00:00
..
acplex.l Work around build breakages with GCC 4.2. 2013-05-23 05:42:35 +00:00
acpyacc.y Replace deprecated (or remove obsolete) libarchive 2.8 functions 2013-03-22 10:17:42 +00:00
ar.1 Whitespace cleanup: 2011-12-23 00:31:26 +00:00
ar.c Update libarchive to 3.0.3 2012-02-25 10:58:02 +00:00
ar.h Mark bsdar_errc as __dead2 to help code analysis tools. 2012-10-22 02:12:06 +00:00
Makefile Add the Clang specific -Wmissing-variable-declarations to WARNS=6. 2013-04-19 19:45:00 +00:00
read.c MFC r281311: ar: Disallow directory traversal 2015-04-24 15:48:23 +00:00
util.c
write.c Replace deprecated (or remove obsolete) libarchive 2.8 functions 2013-03-22 10:17:42 +00:00