------- Comment #19 from jakub at gcc dot gnu dot org  2010-06-09 09:39 -------
Created an attachment (id=20874)
 --> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=20874&action=view)
CVE-2010-0831.patch

Just for the record, the patch that went in leaves fastjar still vulnerable.
The main issue is that tmp_buff isn't the current directory component, but
the current directory component with all previous directory components, so the
.. and . tests will match only for the first component.

https://launchpad.net/bugs/540575
has some patch, but it is very ugly and inefficient.


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359
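
The check described in comment #19, as an added C example that is not fastjar's code and not the attached patch: the first function compares a buffer holding every component seen so far, the second compares only the current component. The function names, the 256-byte buffer and the sample paths in the comments are assumptions made for this illustration.

```c
#include <string.h>

/* Shape of the incomplete check: buf accumulates the whole prefix
   ("a", then "a/..", ...), so the "." / ".." comparisons can only
   ever match while buf still holds just the first component. */
static int rejects_cumulative(const char *path)
{
    char buf[256];
    size_t n = 0;
    for (const char *p = path; ; p++) {
        if (*p == '/' || *p == '\0') {
            buf[n] = '\0';
            if (strcmp(buf, "..") == 0 || strcmp(buf, ".") == 0)
                return 1;
            if (*p == '\0')
                return 0;
        }
        if (n + 1 >= sizeof buf)
            return 1;               /* too long for the buffer: refuse */
        buf[n++] = *p;
    }
}

/* Per-component check: only the bytes between two separators are
   compared, so "." and ".." are caught at any depth. Names that merely
   contain dots (constructed sample: "a..b") are still accepted. */
static int rejects_per_component(const char *path)
{
    const char *start = path;
    for (const char *p = path; ; p++) {
        if (*p == '/' || *p == '\0') {
            size_t len = (size_t)(p - start);
            if ((len == 1 && start[0] == '.') ||
                (len == 2 && start[0] == '.' && start[1] == '.'))
                return 1;
            if (*p == '\0')
                return 0;
            start = p + 1;          /* next component begins after '/' */
        }
    }
}
```
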
