author Nick Clifton <nickc@redhat.com> 2014-11-06 14:49:10 +0000
committer Nick Clifton <nickc@redhat.com> 2014-11-06 14:49:10 +0000
commit dd9b91de2149ee81d47f708e7b0bbf57da10ad42
tree 9abc44b553f584ed318e6747e7f49d1095ea13c6 /binutils/doc
parent 834107255bbefceb445fa733ebc1ea5d9f41ec7f
Prevent archive members with illegal pathnames from being extracted from an archive.

PR binutils/17552, binutils/17533
* bucomm.c (is_valid_archive_path): New function. Returns false for absolute pathnames and pathnames that include /../.
* bucomm.h (is_valid_archive_path): Add prototype.
* ar.c (extract_file): Use new function to check for valid pathnames when extracting files from an archive.
* objcopy.c (copy_archive): Likewise.
* doc/binutils.texi: Update documentation to mention the limitation on pathname of archive members.
Diffstat (limited to 'binutils/doc')
-rw-r--r-- binutils/doc/binutils.texi 3
1 files changed, 2 insertions, 1 deletions
diff --git a/binutils/doc/binutils.texi b/binutils/doc/binutils.texi
index eee77b1e79..39eb1d2443 100644
--- a/binutils/doc/binutils.texi
+++ b/binutils/doc/binutils.texi
@@ -234,7 +234,8 @@ a normal archive. Instead the elements of the first archive are added
individually to the second archive.
The paths to the elements of the archive are stored relative to the
-archive itself.
+archive itself. For security reasons absolute paths and paths with a
+@code{/../} component are not allowed.
@cindex compatibility, @command{ar}
@cindex @command{ar} compatibility
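Review bot: the added sentence ("For security reasons absolute paths and paths with a @code{/../} component are not allowed") does not say what the tools do when they meet such a member, and the literal @code{/../} leaves it unclear whether a member name that begins with ../ is also covered. Suggest stating the behaviour explicitly (per the commit message, such members are not extracted) and, if a leading ../ is rejected as well, wording the rule in terms of a .. path component. Because the sentence is appended to the one about paths being stored relative to the archive, it would also help to say whether the restriction applies to every archive or only to that case.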