Prevent archive memebers with illegal pathnames from being extracted from an archive.

PR binutils/17552, binutils/17533 * bucomm.c (is_valid_archive_path): New function. Returns false for absolute pathnames and pathnames that include /../. * bucomm.h (is_valid_archive_path): Add prototype. * ar.c (extract_file): Use new function to check for valid pathnames when extracting files from an archive. * objcopy.c (copy_archive): Likewise. * doc/binutils.texi: Update documentation to mention the limitation on pathname of archive members.
2025-12-27 01:28:46 +00:00 · 2014-11-06 14:49:10 +00:00
parent 834107255b
commit dd9b91de21
6 changed files with 65 additions and 7 deletions
--- a/binutils/bucomm.h
+++ b/binutils/bucomm.h
@@ -21,6 +21,8 @@
 #ifndef _BUCOMM_H
 #define _BUCOMM_H

+/* In bucomm.c.  */
+
 /* Return the filename in a static buffer.  */
 const char *bfd_get_archive_filename (const bfd *);

@@ -56,20 +58,22 @@ bfd_vma parse_vma (const char *, const char *);

 off_t get_file_size (const char *);

+bfd_boolean is_valid_archive_path (char const *);
+
 extern char *program_name;

-/* filemode.c */
+/* In filemode.c.  */
 void mode_string (unsigned long, char *);

-/* version.c */
+/* In version.c.  */
 extern void print_version (const char *);

-/* rename.c */
+/* In rename.c.  */
 extern void set_times (const char *, const struct stat *);

 extern int smart_rename (const char *, const char *, int);

-/* libiberty.  */
+/* In libiberty.  */
 void *xmalloc (size_t);

 void *xrealloc (void *, size_t);