author | simon <simon@FreeBSD.org> | 2005-03-09 07:03:20 +0800 |
committer | simon <simon@FreeBSD.org> | 2005-03-09 07:03:20 +0800 |
commit | 02f47c4abc7b2ccd4a87eb763d53ddfb4a7e1216 (patch) | |
tree | 3a1056c678f6bc44acc48b5f39e4f139c4917d7b /ftp | |
parent | e58b9c27f208148eb60f3c92134e8b473ecb3c6b (diff) | |
Fix directory traversal vulnerability.
Security: CAN-2004-1487
Security: http://vuxml.FreeBSD.org/06f142ff-4df3-11d9-a9e7-0001020eed82.html
(part of)
Obtained from: SuSE
Approved by: erwin (mentor)
Diffstat (limited to 'ftp')
-rw-r--r-- | ftp/wget-devel/Makefile | 2 | ||||
-rw-r--r-- | ftp/wget-devel/files/patch-CAN-2004-1487 | 51 |
2 files changed, 52 insertions, 1 deletions
diff --git a/ftp/wget-devel/Makefile b/ftp/wget-devel/Makefile
index 9a1831c13420..1e01542bd898 100644
--- a/ftp/wget-devel/Makefile
+++ b/ftp/wget-devel/Makefile
@@ -7,7 +7,7 @@
 PORTNAME= wget-devel
 PORTVERSION= 1.9.1
-PORTREVISION= 1
+PORTREVISION= 2
 CATEGORIES= ftp www
 MASTER_SITES= ${MASTER_SITE_GNU}
 MASTER_SITE_SUBDIR= wget
diff --git a/ftp/wget-devel/files/patch-CAN-2004-1487 b/ftp/wget-devel/files/patch-CAN-2004-1487
new file mode 100644
index 000000000000..d37947a1c88f
--- /dev/null
+++ b/ftp/wget-devel/files/patch-CAN-2004-1487
@@ -0,0 +1,51 @@
+diff -ruN wget-LFS-20040909/src/http.c wget-LFS-20040909.patched/src/http.c
+--- src/http.c.orig 2004-09-09 19:28:26.000000000 -0700
++++ src/http.c 2005-02-21 04:13:05.000000000 -0800
+@@ -1719,6 +1719,7 @@
+ /* Open the local file. */
+ if (!output_stream)
+ {
++ sanitize_path(*hs->local_file);
+ mkalldirs (*hs->local_file);
+ if (opt.backups)
+ rotate_backups (*hs->local_file);
+diff -ruN wget-LFS-20040909/src/utils.c wget-LFS-20040909.patched/src/utils.c
+--- src/utils.c.orig 2004-09-09 13:32:07.000000000 -0700
++++ src/utils.c 2005-02-21 04:11:54.000000000 -0800
+@@ -368,6 +368,25 @@
+ #endif
+ }
+
++
++char *
++sanitize_path(char *path)
++{
++ char *str = NULL;
++
++ /* evilhost/../ */
++ while ((str = strstr(path, "..")) != NULL)
++ memcpy(str, "__", 2);
++ /* evilhost/.bashrc */
++ while ((str = strstr(path, "/.")) != NULL)
++ str[1] = '_';
++ /* .bashrc */
++ if (*path == '.')
++ *path = '_';
++ return path;
++}
++
++
+ /* Returns 0 if PATH is a directory, 1 otherwise (any kind of file).
+ Returns 0 on error. */
+ int
+diff -ruN wget-LFS-20040909/src/utils.h wget-LFS-20040909.patched/src/utils.h
+--- src/utils.h.orig 2004-09-09 21:05:36.000000000 -0700
++++ src/utils.h 2005-02-21 04:04:07.000000000 -0800
+@@ -83,6 +83,7 @@
+ int make_directory PARAMS ((const char *));
+ char *unique_name PARAMS ((const char *, int));
+ char *file_merge PARAMS ((const char *, const char *));
++char *sanitize_path PARAMS ((char *));
+
+ int acceptable PARAMS ((const char *));
+ int accdir PARAMS ((const char *s, enum accd));
|
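Review bot: sanitize_path rewrites every ".." anywhere in the whole of *hs->local_file, so the fix also mangles legitimate names such as `notes..txt`, and — if local_file already carries the user's own `-P` output prefix at the http.c call site, which this hunk does not show — a prefix like `../downloads` is itself turned into `__/downloads`. Restricting the ".." match to whole path components (bounded by the string start, a '/' or the string end) keeps the traversal protection while leaving ordinary names alone; sanitizing only the server-derived part of the name would be better still, but that split is not visible here. The commit message's "(part of)" suggests other download paths are not covered by this patch, and only the http.c write path is touched in the hunk, so the same check is presumably still needed elsewhere. The new function also has no header comment; `/* Rewrite PATH in place so a server-supplied name cannot leave the download directory or create dot-files: ".." -> "__", "/." -> "/_", leading "." -> "_". */` would document the contract.
```c
char *
sanitize_path(char *path)
{
  char *str;

  /* Neutralize ".." only where it forms a whole path component
     ("../", "/../", trailing "/.."), not inside names like "a..b". */
  for (str = path; (str = strstr(str, "..")) != NULL; str += 2)
    {
      int at_start = (str == path || str[-1] == '/');
      int at_end = (str[2] == '\0' || str[2] == '/');
      if (at_start && at_end)
        memcpy(str, "__", 2);
    }
  /* … unchanged: "/." and leading "." handling … */
  return path;
}
```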