Diffstat (limited to 'archivers/lha/files/patch-traversal')
-rw-r--r--archivers/lha/files/patch-traversal75
1 files changed, 0 insertions, 75 deletions
diff --git a/archivers/lha/files/patch-traversal b/archivers/lha/files/patch-traversal
deleted file mode 100644
index b4f40163a435..000000000000
--- a/archivers/lha/files/patch-traversal
+++ /dev/null
@@ -1,75 +0,0 @@
---- src/header.c.old 2000-10-05 19:36:03.000000000 +0200
-+++ src/header.c 2004-04-17 23:55:54.000000000 +0200
-@@ -538,6 +538,10 @@
- /*
- * filename
- */
-+ if (header_size >= 256) {
-+ fprintf(stderr, "Possible buffer overflow hack attack, type #1\n");
-+ exit(109);
-+ }
- for (i = 0; i < header_size - 3; i++)
- hdr->name[i] = (char) get_byte();
- hdr->name[header_size - 3] = '\0';
-@@ -547,6 +551,10 @@
- /*
- * directory
- */
-+ if (header_size >= FILENAME_LENGTH) {
-+ fprintf(stderr, "Possible buffer overflow hack attack, type #2\n");
-+ exit(110);
-+ }
- for (i = 0; i < header_size - 3; i++)
- dirname[i] = (char) get_byte();
- dirname[header_size - 3] = '\0';
---- src/lhext.c.old 2000-10-04 16:57:38.000000000 +0200
-+++ src/lhext.c 2004-04-18 01:27:44.000000000 +0200
-@@ -190,8 +190,13 @@
- q = (char *) rindex(hdr->name, '/') + 1;
- }
- else {
-+ if (is_directory_traversal(q)) {
-+ fprintf(stderr, "Possible directory traversal hack attempt in %s\n", q);
-+ exit(111);
-+ }
-+
- if (*q == '/') {
-- q++;
-+ while (*q == '/') { q++; }
- /*
- * if OSK then strip device name
- */
-@@ -419,6 +424,33 @@
- return;
- }
-
-+int
-+is_directory_traversal(char *string)
-+{
-+ unsigned int type = 0; /* 0 = new, 1 = only dots, 2 = other chars than dots */
-+ char *temp;
-+
-+ temp = string;
-+
-+ while (*temp != 0) {
-+ if (temp[0] == '/') {
-+ if (type == 1) { return 1; }
-+ type = 0;
-+ temp++;
-+ continue;
-+ }
-+
-+ if ((temp[0] == '.') && (type < 2))
-+ type = 1;
-+ if (temp[0] != '.')
-+ type = 2;
-+
-+ temp++;
-+ } /* while */
-+
-+ return (type == 1);
-+}
-+
- /* Local Variables: */
- /* mode:c */
- /* tab-width:4 */