Package: tar
Version: 1.16-2etch1
Severity: important

mariner:d> touch test\\_file_with_\\backslashes_in_name
mariner:d> ls
test\_file_with_\backslashes_in_name
mariner:d> find -print0 | cat -vet; echo
[EMAIL PROTECTED]/test\_file_with_\backslashes_in_name^@
mariner:d> find ! -name t -print0 | tar --null --no-recursion -T - -vvcf /dev/null
drwxrwsr-x iwj/iwj           0 2008-05-28 12:23 ./
tar: ./test\\_file_with_\backslashes_in_name: Cannot stat: No such file or directory
tar: Error exit delayed from previous errors
mariner:d> find ! -name t -print0 | strace -ot tar --null --no-recursion -T - -vvcf /dev/null
drwxrwsr-x iwj/iwj           0 2008-05-28 12:24 ./
tar: ./test\\_file_with_\backslashes_in_name: Cannot stat: No such file or directory
tar: Error exit delayed from previous errors
mariner:d> grep file_with t | cat -vet
read(0, ".\0./test\\_file_with_\\backslashes"..., 4096) = 41$
lstat64("./test\\_file_with_^Hackslashes_in_name", 0xff9bb98c) = -1 ENOENT (No such file or directory)$
write(2, "./test\\\\_file_with_\\backslashes_"..., 52) = 52$
mariner:d>

?!?!

This is probably a security problem in some circumstances, but I can't
think of an exploit offhand so I've set the severity only to `important'
rather than the `grave' that might be appropriate.

When we have a fix it should almost certainly be backported to etch.
Surely no-one can be relying on this insane behaviour.

Ian.
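
Added example, not part of the report above and not tar's own code: a small Python model of the unquoting visible in the strace output, which flags names in a NUL-delimited list that would be looked up under a different name. The escape table is an assumption (the usual C single-letter escapes); the report itself demonstrates only "\b" becoming 0x08 and "\_" being left alone, and SAMPLE is constructed from the read() line in the trace.

```python
# Model of the C-style unquoting seen in the strace output of the report.
# ASSUMPTION: this escape table (common C single-letter escapes) is
# illustrative; the report only shows "\b" -> 0x08 and "\_" unchanged.
# Octal escapes are deliberately not modelled.
C_ESCAPES = {
    ord("a"): 0x07, ord("b"): 0x08, ord("f"): 0x0C, ord("n"): 0x0A,
    ord("r"): 0x0D, ord("t"): 0x09, ord("v"): 0x0B, ord("\\"): 0x5C,
}

BACKSLASH = 0x5C


def unquote_model(name: bytes) -> bytes:
    """Return the name as it would be passed to lstat() under the model."""
    out = bytearray()
    i = 0
    while i < len(name):
        nxt = name[i + 1] if i + 1 < len(name) else None
        if name[i] == BACKSLASH and nxt in C_ESCAPES:
            out.append(C_ESCAPES[nxt])  # recognised escape: two bytes become one
            i += 2
        else:
            out.append(name[i])         # unknown escape or ordinary byte: kept
            i += 1
    return bytes(out)


def split_nul_list(data: bytes) -> list:
    """Split find -print0 style output into individual names."""
    return [n for n in data.split(b"\0") if n]


def names_at_risk(data: bytes) -> list:
    """Return (original, altered) pairs for names the model would change."""
    pairs = [(n, unquote_model(n)) for n in split_nul_list(data)]
    return [(orig, new) for orig, new in pairs if orig != new]


# Constructed sample: the bytes from the read() call in the trace, plus one
# harmless name added for contrast.
SAMPLE = b".\0./test\\_file_with_\\backslashes_in_name\0./plain_name\0"

if __name__ == "__main__":
    for original, altered in names_at_risk(SAMPLE):
        print(f"{original!r} would be looked up as {altered!r}")
```

Running a file list through names_at_risk() before handing it to an affected tar shows which entries would be skipped or resolved to a different path.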


