authorTony Cook <tony@develop-help.com>2018-09-20 11:53:19 +1000
committerTony Cook <tony@develop-help.com>2018-09-24 14:55:56 +1000
commitd0130b8d46dabdeb571fff8bbc3a791f4ea1f28c (patch)
tree97c0b563bd3705fd9a01e28411a7f6d869de84fa
parentec1caca18cd82b52415e8d49701f71e4035de2cc (diff)
downloadperl-d0130b8d46dabdeb571fff8bbc3a791f4ea1f28c.tar.gz
(perl #133250) backport CVE-2018-12015 fix
-rwxr-xr-xPorting/Maintainers.pl1
-rw-r--r--cpan/Archive-Tar/lib/Archive/Tar.pm17
-rw-r--r--t/porting/customized.dat1
3 files changed, 18 insertions, 1 deletions
diff --git a/Porting/Maintainers.pl b/Porting/Maintainers.pl
index e9032a91f3..5f3b3141d1 100755
--- a/Porting/Maintainers.pl
+++ b/Porting/Maintainers.pl
@@ -126,6 +126,7 @@ use File::Glob qw(:case);
'EXCLUDED' => [
qw(t/07_ptardiff.t),
],
+ 'CUSTOMIZED' => [ qw(lib/Archive/Tar.pm) ], # CVE-2018-12015
},
'Attribute::Handlers' => {
diff --git a/cpan/Archive-Tar/lib/Archive/Tar.pm b/cpan/Archive-Tar/lib/Archive/Tar.pm
index d63e586317..00db612193 100644
--- a/cpan/Archive-Tar/lib/Archive/Tar.pm
+++ b/cpan/Archive-Tar/lib/Archive/Tar.pm
@@ -31,7 +31,7 @@ use vars qw[$DEBUG $error $VERSION $WARN $FOLLOW_SYMLINK $CHOWN $CHMOD
$DEBUG = 0;
$WARN = 1;
$FOLLOW_SYMLINK = 0;
-$VERSION = "2.24";
+$VERSION = "2.24_01";
$CHOWN = 1;
$CHMOD = 1;
$SAME_PERMISSIONS = $> == 0 ? 1 : 0;
@@ -845,6 +845,21 @@ sub _extract_file {
return;
}
+ ### If a file system already contains a block device with the same name as
+ ### the being extracted regular file, we would write the file's content
+ ### to the block device. So remove the existing file (block device) now.
+ ### If an archive contains multiple same-named entries, the last one
+ ### should replace the previous ones. So remove the old file now.
+ ### If the old entry is a symlink to a file outside of the CWD, the new
+ ### entry would create a file there. This is CVE-2018-12015
+ ### <https://rt.cpan.org/Ticket/Display.html?id=125523>.
+ if (-l $full || -e _) {
+ if (!unlink $full) {
+ $self->_error( qq[Could not remove old file '$full': $!] );
+ return;
+ }
+ }
+
if( length $entry->type && $entry->is_file ) {
my $fh = IO::File->new;
$fh->open( '>' . $full ) or (
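Review bot: The added `unlink $full` still leaves a window between removing the old entry and the `$fh->open( '>' . $full )` that follows it, so a symlink recreated in that interval by someone with write access to the extraction directory would again be followed by the open; the check at `if (-l $full || -e _)`, the unlink and the create are three separate steps, not one atomic operation. A stronger form is to create the file with an exclusive sysopen-style mode after the unlink, e.g. `$fh->open( $full, O_WRONLY | O_CREAT | O_EXCL )` from Fcntl, which fails instead of following a link that appears in the gap; if the remaining race is accepted, say so next to the new comment block: `### NOTE: unlink-then-open is not atomic; the extraction directory is assumed not writable by untrusted users.`. The new branch also changes the outcome for an existing regular file in a directory the caller cannot write to — overwriting in place used to succeed, whereas unlink now fails and aborts with `Could not remove old file` — which is presumably intended but deserves a line in the Changes entry. `_extract_file` starts and ends outside this hunk.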
diff --git a/t/porting/customized.dat b/t/porting/customized.dat
index 5014b3e210..7a5c7fc0b4 100644
--- a/t/porting/customized.dat
+++ b/t/porting/customized.dat
@@ -1,3 +1,4 @@
+Archive::Tar cpan/Archive-Tar/lib/Archive/Tar.pm e93f3f352b4820b3ccdc1f06cb82b2102fe1de3b
Digest cpan/Digest/Digest.pm 43f7f544cb11842b2f55c73e28930da50774e081
Encode cpan/Encode/Unicode/Unicode.pm 9749692c67f7d69083034de9184a93f070ab4799
ExtUtils::Constant cpan/ExtUtils-Constant/t/Constant.t a0369c919e216fb02767a637666bb4577ad79b02