summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarc Espie <espie@cvs.openbsd.org>2007-06-01 22:06:04 +0000
committerMarc Espie <espie@cvs.openbsd.org>2007-06-01 22:06:04 +0000
commit5ef404469dbc63565727dbeb8d0bfa57e7f29b0e (patch)
tree0e863bfa75266a9b78acbfeb9f2912b7089767cd
parentdbc4676294aeb2f2f81ec702ee6802e9249b4113 (diff)
apply the same checks on extraction that are done during pkg_create
(modes and owners without annotation WILL be refused). Somewhat pedantic: skip archive entry during extraction of links/symlinks. Doesn't change a thing, except in the very rare case where a package would end with a link in the packing-list. Now we're able to detect a premature end of the tarball. (okay, it's an obscure bug, I haven't even met it for real. So what ?)
-rw-r--r--usr.sbin/pkg_add/OpenBSD/Add.pm5
-rw-r--r--usr.sbin/pkg_add/OpenBSD/Replace.pm7
2 files changed, 10 insertions, 2 deletions
diff --git a/usr.sbin/pkg_add/OpenBSD/Add.pm b/usr.sbin/pkg_add/OpenBSD/Add.pm
index d22e2a76361..8385996ad50 100644
--- a/usr.sbin/pkg_add/OpenBSD/Add.pm
+++ b/usr.sbin/pkg_add/OpenBSD/Add.pm
@@ -1,5 +1,5 @@
# ex:ts=8 sw=4:
-# $OpenBSD: Add.pm,v 1.69 2007/06/01 14:58:29 espie Exp $
+# $OpenBSD: Add.pm,v 1.70 2007/06/01 22:06:03 espie Exp $
#
# Copyright (c) 2003-2007 Marc Espie <espie@openbsd.org>
#
@@ -392,6 +392,9 @@ sub prepare_to_extract
$self->{link}, "!!!\n";
}
}
+ if (!$file->verify_modes($self)) {
+ Fatal "Can't continue\n";
+ }
$file->{name} = $fullname;
$file->{destdir} = $destdir;
diff --git a/usr.sbin/pkg_add/OpenBSD/Replace.pm b/usr.sbin/pkg_add/OpenBSD/Replace.pm
index afc79f80c7e..829bfaca859 100644
--- a/usr.sbin/pkg_add/OpenBSD/Replace.pm
+++ b/usr.sbin/pkg_add/OpenBSD/Replace.pm
@@ -1,5 +1,5 @@
# ex:ts=8 sw=4:
-# $OpenBSD: Replace.pm,v 1.28 2007/06/01 21:50:47 espie Exp $
+# $OpenBSD: Replace.pm,v 1.29 2007/06/01 22:06:03 espie Exp $
#
# Copyright (c) 2004-2006 Marc Espie <espie@openbsd.org>
#
@@ -74,11 +74,16 @@ sub extract
my $file = $self->prepare_to_extract($state);
if (defined $self->{link} || defined $self->{symlink}) {
+ $state->{archive}->skip;
return;
}
$self->SUPER::extract($state);
+
+ # figure out a safe directory where to put the temp file
my $d = dirname($file->{destdir}.$file->{name});
+ # we go back up until we find an existing directory.
+ # hopefully this will be on the same file system.
while (!-d $d && -e _) {
$d = dirname($d);
}