48,23 → 48,17 |
- return t->th_buf.gnu_longname; |
+ return safer_name_suffix(t->th_buf.gnu_longname); |
|
size_t pathlen = |
strlen(t->th_buf.prefix) + strlen(t->th_buf.name) + 2; |
@@ -43,12 +72,12 @@ th_get_pathname(TAR *t) |
/* allocate the th_pathname buffer if not already */ |
if (t->th_pathname == NULL) |
@@ -50,7 +79,7 @@ th_get_pathname(TAR *t) |
} |
|
if (t->th_buf.prefix[0] == '\0') |
{ |
- snprintf(t->th_pathname, pathlen, "%.100s", t->th_buf.name); |
+ snprintf(t->th_pathname, pathlen, "%.100s", safer_name_suffix(t->th_buf.name)); |
/* will be deallocated in tar_close() */ |
- return t->th_pathname; |
+ return safer_name_suffix(t->th_pathname); |
} |
else |
{ |
snprintf(t->th_pathname, pathlen, "%.155s/%.100s", |
- t->th_buf.prefix, t->th_buf.name); |
+ t->th_buf.prefix, safer_name_suffix(t->th_buf.name)); |
} |
|
/* will be deallocated in tar_close() */ |
|
--- a/lib/extract.c |
+++ b/lib/extract.c |
@@ -298,14 +298,14 @@ tar_extract_hardlink(TAR * t, char *real |
103,3 → 97,17 |
#endif |
|
+char* safer_name_suffix(char const*); |
--- a/lib/output.c |
+++ b/lib/output.c |
@@ -123,9 +123,9 @@ th_print_long_ls(TAR *t) |
else |
printf(" link to "); |
if ((t->options & TAR_GNU) && t->th_buf.gnu_longlink != NULL) |
- printf("%s", t->th_buf.gnu_longlink); |
+ printf("%s", safer_name_suffix(t->th_buf.gnu_longlink)); |
else |
- printf("%.100s", t->th_buf.linkname); |
+ printf("%.100s", safer_name_suffix(t->th_buf.linkname)); |
} |
|
putchar('\n'); |