mirrors/tar
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Detect tarbombs while extracting

Browse Source 
* src/common.h (one_top_level_option): New global.
(one_top_level): New global.
* src/extract.c (extr_init): If one_top_level_option is set, determine
the name one_top_level that might have to be prepended.
(extract_archive): If one_top_level_option is set, prepend one_top_level
to all names that don't already start with it.
* src/tar.c (ONE_TOP_LEVEL_OPTION): New contant.
(options): New option --one-top-level.
(parse_opt): Handle this option.
(decode_options): Make it conflict with --absolute-names.
This commit is contained in:
Connor Behan
2014-01-27 14:42:09 +02:00
committed by Sergey Poznyakoff
parent 95a51b93d0
commit 2af87fa277
5 changed files with 93 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
NEWS
View File

@@ -42,6 +42,14 @@ version 1.27.1 - Sergey Poznyakoff, 2013-11-17
* Fix extracting sparse members from star archives.
* The --one-top-level option.
This new command line option tells tar that the working directory
(or the one passed to -C) should not be populated with more than one
name directly under it. Instead, a newly created subdirectory is
used whose name is equal to the archive name without the extension.
For example, foo.tar.gz would be extracted to foo.
version 1.27 - Sergey Poznyakoff, 2013-10-05