https://sourceware.org/bugzilla/show_bug.cgi?id=17552
--- Comment #4 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot
gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "gdb and binutils".
The branch, master has been updated
via dd9b91de2149ee81d47f708e7b0bbf57da10ad42 (commit)
from 834107255bbefceb445fa733ebc1ea5d9f41ec7f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dd9b91de2149ee81d47f708e7b0bbf57da10ad42
commit dd9b91de2149ee81d47f708e7b0bbf57da10ad42
Author: Nick Clifton <ni...@redhat.com>
Date: Thu Nov 6 14:49:10 2014 +0000
Prevent archive memebers with illegal pathnames from being extracted from
an archive.
PR binutils/17552, binutils/17533
* bucomm.c (is_valid_archive_path): New function. Returns false
for absolute pathnames and pathnames that include /../.
* bucomm.h (is_valid_archive_path): Add prototype.
* ar.c (extract_file): Use new function to check for valid
pathnames when extracting files from an archive.
* objcopy.c (copy_archive): Likewise.
* doc/binutils.texi: Update documentation to mention the
limitation on pathname of archive members.
-----------------------------------------------------------------------
Summary of changes:
binutils/ChangeLog | 16 ++++++++++++++--
binutils/ar.c | 9 +++++++++
binutils/bucomm.c | 26 ++++++++++++++++++++++++++
binutils/bucomm.h | 12 ++++++++----
binutils/doc/binutils.texi | 3 ++-
binutils/objcopy.c | 6 ++++++
6 files changed, 65 insertions(+), 7 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils
