diff options
Diffstat (limited to 'games-util/dzip/files/dzip-2.9-scrub-names.patch')
| -rw-r--r-- | games-util/dzip/files/dzip-2.9-scrub-names.patch | 88 |
1 files changed, 0 insertions, 88 deletions
diff --git a/games-util/dzip/files/dzip-2.9-scrub-names.patch b/games-util/dzip/files/dzip-2.9-scrub-names.patch deleted file mode 100644 index 079fae3fd070..000000000000 --- a/games-util/dzip/files/dzip-2.9-scrub-names.patch +++ /dev/null @@ -1,88 +0,0 @@ -Fix directory traversals issues. - -Since .dz files normally just have relative directory trees: -pak/ -pak/file -pak/subdir/file - -we strip out all the components which ascend in the directory tree - -http://bugs.gentoo.org/93079 - ---- main.c -+++ main.c -@@ -77,6 +77,48 @@ int dzRead (int inlen) - return 1;
- } -
-+#define IS_SEP(c) (c == '/' || c == ':' || c == '\\') -+void scrub_name(char *smee) -+{ -+ char *paths[] = { "../", "..\\", "..:", NULL}; -+ size_t p, i, len; -+ char scrubit, scrubbed; -+ -+ scrubbed = 0; -+ len = strlen(smee); -+ i = 0; -+ scrubit = 1; -+ -+ /* search the path and scrub out all relative paths */ -+ while (i + 3 < len) { -+ for (p = 0; paths[p]; ++p) { -+ if (scrubit && !strncmp(paths[p], smee+i, 3)) { -+ scrubbed = 1; -+ memset(smee+i, '\0', 3); -+ i += 2; -+ break; -+ } -+ } -+ scrubit = IS_SEP(smee[i]) || smee[i] == '\0'; -+ ++i; -+ } -+ -+ if (!scrubbed) -+ return; -+ -+ /* condense the string over all the scrubbed bits */ -+ p = 0; -+ for (i = 0; i < len; ++i) { -+ while (p < len && smee[p] == '\0') -+ ++p; -+ if (p == len) { -+ smee[i] = '\0'; -+ break; -+ } -+ smee[i] = smee[p++]; -+ } -+} -+
- int dzReadDirectoryEntry (direntry_t *de) - { - char *s; -@@ -102,6 +144,7 @@ int dzReadDirectoryEntry (direntry_t *de - s = Dzip_malloc(de->len);
- dzFile_Read(s, de->len);
- de->name = s; -+ scrub_name(de->name); - if (de->pak && de->type != TYPE_PAK) - return 1; /* dont mess with dirchar inside pakfiles */ - do ---- v1code.c -+++ v1code.c -@@ -201,6 +201,7 @@ void demv1_dxentities(void) - - } -
-+extern void scrub_name(char *smee); - void dzUncompressV1 (int testing)
- {
- int i, inlen = 0;
-@@ -221,6 +222,7 @@ void dzUncompressV1 (int testing)
- {
- de = directory + i;
- crcval = INITCRC;
-+ scrub_name(de->name); - printf("%s %s",action,de->name);
- fflush(stdout);
-
|