diff options
author | kientzle <kientzle@FreeBSD.org> | 2004-08-26 03:53:43 +0000 |
---|---|---|
committer | kientzle <kientzle@FreeBSD.org> | 2004-08-26 03:53:43 +0000 |
commit | 2222ae0c1d1b04bb980f9c2590c79260b7cfe878 (patch) | |
tree | 3193526459b9605b3e6947da24e3b51bd8ffcd65 /lib | |
parent | f9cf91fb01f884f0ce80e7691d05e23bb5028673 (diff) | |
download | FreeBSD-src-2222ae0c1d1b04bb980f9c2590c79260b7cfe878.zip FreeBSD-src-2222ae0c1d1b04bb980f9c2590c79260b7cfe878.tar.gz |
Don't edit permissions of pre-existing directories during extract.
This closes a security hole. Otherwise, libarchive will happily
extract into directories to which it lacks write permissions by
resetting the permissions during the extract.
Thanks to: Kris Kennaway
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libarchive/archive_read_extract.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libarchive/archive_read_extract.c b/lib/libarchive/archive_read_extract.c index a8d6961..6dcd753 100644 --- a/lib/libarchive/archive_read_extract.c +++ b/lib/libarchive/archive_read_extract.c @@ -479,7 +479,7 @@ extract_dir(struct archive *a, struct archive_entry *entry, int flags) if (extract->pst != NULL) { extract->pst = &extract->st; if (S_ISDIR(extract->pst->st_mode)) - goto success; + return (ARCHIVE_OK); /* It exists but isn't a dir. */ if ((flags & ARCHIVE_EXTRACT_UNLINK)) unlink(path); |