diff options
| author | Nick Clifton <nickc@redhat.com> | 2019-11-07 11:56:54 +0000 |
|---|---|---|
| committer | Nick Clifton <nickc@redhat.com> | 2019-11-07 11:56:54 +0000 |
| commit | e264b5b7a57dab997776ae845f9e0b3e5f20c713 (patch) | |
| tree | a80b6f31b2da2ab6debef8f6ff1c2bb66aa5aa8f /binutils/ar.c | |
| parent | ef07b8082ea5f9c48d0c6bcf0e4c1855ddf2c49b (diff) | |
| download | binutils-gdb-e264b5b7a57dab997776ae845f9e0b3e5f20c713.tar.gz | |
Allow the --output option of the "ar" prorgam to extract files to locations outside of the current directory.
* ar.c (open_output_file): Check for filename validity before
prefixing with output directory.
Display the constructed output filename if in verbose mode.
(extract_file): Let open_output_file display the filename.
Diffstat (limited to 'binutils/ar.c')
| -rw-r--r-- | binutils/ar.c | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/binutils/ar.c b/binutils/ar.c index 0af7954a47a..b8342ce65a1 100644 --- a/binutils/ar.c +++ b/binutils/ar.c @@ -1070,6 +1070,18 @@ open_output_file (bfd * abfd) { output_filename = bfd_get_filename (abfd); + /* PR binutils/17533: Do not allow directory traversal + outside of the current directory tree - unless the + user has explicitly specified an output directory. */ + if (! is_valid_archive_path (output_filename)) + { + char * base = (char *) lbasename (output_filename); + + non_fatal (_("illegal output pathname for archive member: %s, using '%s' instead"), + output_filename, base); + output_filename = base; + } + if (output_dir) { size_t len = strlen (output_dir); @@ -1083,18 +1095,10 @@ open_output_file (bfd * abfd) output_filename = concat (output_dir, "/", output_filename, NULL); } } - - /* PR binutils/17533: Do not allow directory traversal - outside of the current directory tree. */ - if (! is_valid_archive_path (output_filename)) - { - char * base = (char *) lbasename (output_filename); - - non_fatal (_("illegal output pathname for archive member: %s, using '%s' instead"), - output_filename, base); - output_filename = base; - } + if (verbose) + printf ("x - %s\n", output_filename); + FILE * ostream = fopen (output_filename, FOPEN_WB); if (ostream == NULL) { @@ -1126,9 +1130,6 @@ extract_file (bfd *abfd) fatal (_("internal stat error on %s"), bfd_get_filename (abfd)); size = buf.st_size; - if (verbose) - printf ("x - %s\n", bfd_get_filename (abfd)); - bfd_seek (abfd, (file_ptr) 0, SEEK_SET); output_file = NULL; |