diff options
Diffstat (limited to 'archive/rpmunpack/patch')
| -rw-r--r-- | archive/rpmunpack/patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/archive/rpmunpack/patch b/archive/rpmunpack/patch new file mode 100644 index 0000000000..ffe364b0d3 --- /dev/null +++ b/archive/rpmunpack/patch @@ -0,0 +1,37 @@ +--- rpmunpack.orig 2003-01-15 16:01:41.000000000 +0100 ++++ rpmunpack.c 2003-01-15 16:14:55.000000000 +0100 +@@ -58,9 +58,10 @@ + /* + * Main program + */ +-void main(int argc, char **argv) ++int main(int argc, char **argv) + { + int len, status = 0; ++ char *x; + + /* Get our own program name */ + if ((progname = strrchr(argv[0], '/')) == NULL) +@@ -94,6 +95,13 @@ + + /* Open output file */ + strcat(buffer, ".cpio.gz"); ++ ++ /* check for directory traversal stuff */ ++ while ( (x = strchr( buffer, 47 )) != NULL ){ ++ *x = 95; ++ /* replace the / with a _ */ ++ } ++ + if (infile == STDIN_FILENO) + outfile = STDOUT_FILENO; + else if ((outfile = open(buffer, O_WRONLY | O_CREAT | O_TRUNC, 0644)) < 0) { +@@ -111,7 +119,7 @@ + * never appears before offset 0x200, so we skip these first couple of + * bytes to make the signature scan a little more reliable. + */ +- myread(0x200 - 74); ++ myread( (int) 0x200 - 74); + while (status < 2) { + myread(1); + if (status == 0 && buffer[0] == GZ_MAGIC_1) |