author | Ned Ludd <solar@gentoo.org> | 2005-03-02 15:00:45 +0000 |
---|---|---|
committer | Ned Ludd <solar@gentoo.org> | 2005-03-02 15:00:45 +0000 |
commit | c7b545bf085d3add40db4198d4b37467eb0eed69 (patch) | |
tree | 5103fa631f6985a62a8c2dd9eb4fcded2f985c93 /net-misc/wget/files | |
parent | Revision bump for security bug 83792. (diff) | |
- security bump for bug 74008. CAN-2004-1487 - overwrite files via ".." in path component
(Portage version: 2.0.51-r15)
Diffstat (limited to 'net-misc/wget/files')
-rw-r--r-- | net-misc/wget/files/digest-wget-1.9.1-r3 | 1 | ||||
-rw-r--r-- | net-misc/wget/files/wget-CAN-2004-1487.patch | 49 |
2 files changed, 50 insertions, 0 deletions
diff --git a/net-misc/wget/files/digest-wget-1.9.1-r3 b/net-misc/wget/files/digest-wget-1.9.1-r3
new file mode 100644
index 000000000000..fc78fd386c38
--- /dev/null
+++ b/net-misc/wget/files/digest-wget-1.9.1-r3
@@ -0,0 +1 @@
+MD5 e6051f1e1487ec0ebfdbda72bedc70ad wget-1.9.1.tar.gz 1322378
diff --git a/net-misc/wget/files/wget-CAN-2004-1487.patch b/net-misc/wget/files/wget-CAN-2004-1487.patch
new file mode 100644
index 000000000000..acc4ef1241a7
--- /dev/null
+++ b/net-misc/wget/files/wget-CAN-2004-1487.patch
@@ -0,0 +1,49 @@
+diff -Nur wget-1.9.1/src/http.c wget-1.9.1_patched/src/http.c
+--- wget-1.9.1/src/http.c 2003-10-15 01:32:15.000000000 +0200
++++ wget-1.9.1_patched/src/http.c 2005-03-02 15:00:44.262827441 +0100
+@@ -1479,6 +1479,7 @@
+ /* Open the local file. */
+ if (!opt.dfp)
+ {
++ sanitize_path(*hs->local_file);
+ mkalldirs (*hs->local_file);
+ if (opt.backups)
+ rotate_backups (*hs->local_file);
+diff -Nur wget-1.9.1/src/utils.c wget-1.9.1_patched/src/utils.c
+--- wget-1.9.1/src/utils.c 2003-10-23 14:16:21.000000000 +0200
++++ wget-1.9.1_patched/src/utils.c 2005-03-02 15:01:45.003786585 +0100
+@@ -554,6 +554,23 @@
+ #endif
+ }
+
++char *
++sanitize_path(char *path)
++{
++ char *str = NULL;
++
++ /* evilhost/../ */
++ while ((str = strstr(path, "..")) != NULL)
++ memcpy(str, "__", 2);
++ /* evilhost/.bashrc */
++ while ((str = strstr(path, "/.")) != NULL)
++ str[1] = '_';
++ /* .bashrc */
++ if (*path == '.')
++ *path = '_';
++ return path;
++}
++
+ /* Returns 0 if PATH is a directory, 1 otherwise (any kind of file).
+ Returns 0 on error. */
+ int
+diff -Nur wget-1.9.1/src/utils.h wget-1.9.1_patched/src/utils.h
+--- wget-1.9.1/src/utils.h 2003-10-11 15:57:11.000000000 +0200
++++ wget-1.9.1_patched/src/utils.h 2005-03-02 15:02:06.631499261 +0100
+@@ -75,6 +75,7 @@
+ int make_directory PARAMS ((const char *));
+ char *unique_name PARAMS ((const char *, int));
+ char *file_merge PARAMS ((const char *, const char *));
++char *sanitize_path PARAMS ((char *));
+
+ int acceptable PARAMS ((const char *));
+ int accdir PARAMS ((const char *s, enum accd));
|
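Review bot: In the utils.c part of the added patch, sanitize_path() rewrites every `..` and every `/.` anywhere in the string, and the http.c part applies it to the whole of `*hs->local_file`, so it cannot tell server-derived components from a directory the user chose; if that string includes the user's own directory prefix (not visible here), a prefix such as `../out` or `./out` would become `__/out` or `_/out`. The call at the HTTP file-open site is also the only one the patch adds, so any other code path that creates local files from a remote name is presumably left unsanitized, and anything that used the name before this line may refer to a different file than the one finally written. Sanitizing only the remote-derived part, at the point where the local name is built from the URL, would cover both concerns. The function also has no header comment and no NULL guard; I would add `/* Neutralize ".." and leading-dot components of PATH in place; returns PATH. */` above it and `if (path == NULL) return NULL;` as its first statement.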