Package: cpio
Version: 2.11+dfsg-6
Severity: important
Tags: patch
I mistakenly tried to extract a tar file using cpio, and it crashed.
cpio does support tar files for some reason, but this feature seems to
have regressed.
Reproducer: tar --no-recursion -c . | cpio -i
Patch:
--- a/src/copyin.c
+++ b/src/copyin.c
@@ -1431,8 +1431,9 @@ process_copy_in ()
break;
}
- if (file_hdr.c_namesize <= 1)
- file_hdr.c_name = xrealloc(file_hdr.c_name, 2);
+ if (archive_format != arf_tar && archive_format != arf_ustar
+ && file_hdr.c_namesize <= 1)
+ file_hdr.c_name = xrealloc(file_hdr.c_name, 2);
cpio_safer_name_suffix (file_hdr.c_name, false, !no_abs_paths_flag,
false);
--- END ---
Ben.
-- System Information:
Debian Release: stretch/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500,
'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages cpio depends on:
ii libc6 2.24-8
cpio recommends no packages.
Versions of packages cpio suggests:
pn libarchive1 <none>
-- no debconf information
