[SCM] Debian package checker branch, wheezy, updated. 2.5.10.4-15-ge0dc594
The following commit has been merged in the wheezy branch:
commit d0b2dc6cc64dd381f740dd785039aef6f3e2f0d9
Author: Niels Thykier <niels@thykier.net>
Date: Fri Apr 5 10:11:34 2013 +0200
coll/debian-readme: Check that usr/share/doc/<pkg> is safe
At the same time, stop looking at files in usr/doc/<pkg>.
Signed-off-by: Niels Thykier <niels@thykier.net>
diff --git a/collection/debian-readme b/collection/debian-readme
index 177dc38..5fa3434 100755
--- a/collection/debian-readme
+++ b/collection/debian-readme
@@ -23,7 +23,7 @@ use strict;
use warnings;
use lib "$ENV{'LINTIAN_ROOT'}/lib";
-use Lintian::Util qw(fail gunzip_file touch_file);
+use Lintian::Util qw(fail gunzip_file touch_file is_ancestor_of);
($#ARGV == 2) or fail 'syntax: debian-readme <pkg> <type> <dir>';
my ($pkg, $type, $dir) = @ARGV;
@@ -37,10 +37,14 @@ my @readmes = ("$dir/unpacked/usr/share/doc/$pkg/README.Debian.gz",
"$dir/unpacked/usr/share/doc/$pkg/README.Debian",
"$dir/unpacked/usr/share/doc/$pkg/README.debian.gz",
"$dir/unpacked/usr/share/doc/$pkg/README.debian",
- "$dir/unpacked/usr/doc/$pkg/README.Debian.gz",
- "$dir/unpacked/usr/doc/$pkg/README.Debian",
- "$dir/unpacked/usr/doc/$pkg/README.debian.gz",
- "$dir/unpacked/usr/doc/$pkg/README.debian");
+ );
+
+if (-d "$dir/unpacked/usr/share/doc/$pkg"
+ && !is_ancestor_of("$dir/unpacked", "$dir/unpacked/usr/share/doc/$pkg")) {
+ # Unsafe path, stop here
+ touch_file("$dir/README.Debian");
+ return;
+}
my $file;
for (@readmes) {
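Review bot: The `return;` in the added guard appears to sit at file scope (the first hunk shows the script unpacking `@ARGV` at top level), where Perl dies with "Can't return outside a subroutine". The unsafe-path branch would then create the empty `README.Debian` and abort with an error instead of finishing cleanly. Unless this code is wrapped in a sub outside the hunk, replace it with `exit 0;`. Separately, the guard validates only the directory. The `for (@readmes)` loop continues past the hunk, so it is not visible whether it rejects a README that is itself a symlink resolving outside `$dir/unpacked`; a per-file check such as `next if -l $_ or !is_ancestor_of("$dir/unpacked", $_);` before the file is opened is worth confirming.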
diff --git a/debian/changelog b/debian/changelog
index 3d04c2c..161042e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -16,7 +16,7 @@ lintian (2.5.10.5) unstable; urgency=low
+ [NT] Fix path traversal issue that could leak information
about the host system.
- * collection/changelog-file:
+ * collection/{changelog-file,debian-readme}:
+ [NT] Ignore files in usr/doc/<pkg>.
+ [NT] Skip collection if usr/share/doc/<pkg> is not contained
within the package root.
--
Debian package checker