58 lines
1.7 KiB
Text
58 lines
1.7 KiB
Text
$NetBSD: patch-ad,v 1.1 2005/01/21 14:42:10 wiz Exp $
|
|
|
|
--- unarj.c.orig 2002-06-05 12:28:06.000000000 +0200
|
|
+++ unarj.c
|
|
@@ -213,7 +213,7 @@ static uchar arj_flags;
|
|
static short method;
|
|
static uint file_mode;
|
|
static ulong time_stamp;
|
|
-static short entry_pos;
|
|
+static ushort entry_pos;
|
|
static ushort host_data;
|
|
static uchar *get_ptr;
|
|
static UCRC file_crc;
|
|
@@ -231,6 +231,8 @@ static UCRC crctable[UCHAR_MAX + 1];
|
|
|
|
/* Functions */
|
|
|
|
+void copy_path_relative(char *dest, char *src, size_t len);
|
|
+
|
|
static void
|
|
make_crctable()
|
|
{
|
|
@@ -604,6 +606,7 @@ char *name;
|
|
error(M_BADHEADR, "");
|
|
|
|
crc = CRC_MASK;
|
|
+ memset(header, 0, sizeof(header));
|
|
fread_crc(header, (int) headersize, fd);
|
|
header_crc = fget_crc(fd);
|
|
if ((crc ^ CRC_MASK) != header_crc)
|
|
@@ -628,9 +631,13 @@ char *name;
|
|
|
|
if (origsize < 0 || compsize < 0)
|
|
error(M_HEADRCRC, "");
|
|
+ if(first_hdr_size > headersize-2) /* need two \0 for file and comment */
|
|
+ error(M_BADHEADR, "");
|
|
|
|
hdr_filename = (char *)&header[first_hdr_size];
|
|
strncopy(filename, hdr_filename, sizeof(filename));
|
|
+ if(entry_pos >= strlen(filename))
|
|
+ error(M_BADHEADR, "");
|
|
if (host_os != OS)
|
|
strparity((uchar *)filename);
|
|
if ((arj_flags & PATHSYM_FLAG) != 0)
|
|
@@ -727,11 +734,11 @@ extract()
|
|
|
|
no_output = 0;
|
|
if (command == 'E')
|
|
- strcpy(name, &filename[entry_pos]);
|
|
+ copy_path_relative(name, &filename[entry_pos], sizeof(name));
|
|
else
|
|
{
|
|
strcpy(name, DEFAULT_DIR);
|
|
- strcat(name, filename);
|
|
+ copy_path_relative(name+strlen(name), filename, sizeof(name)-strlen(name));
|
|
}
|
|
|
|
if (host_os != OS)
|