[SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095

To: debian-lint-maint@lists.debian.org
Subject: [SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095
From: "Niels Thykier" <niels@thykier.net>
Date: Tue, 16 Apr 2013 16:26:27 +0000
Message-id: <[🔎] E1US8iB-0001gn-PG@vasks.debian.org>

The following commit has been merged in the master branch:
commit 71631549698a2e73baa3ff007ecbd1a34a58c410
Author: Niels Thykier <niels@thykier.net>
Date:   Fri Apr 5 10:15:25 2013 +0200

    coll/*: Fix traversal via symlink in multiple collections
    
    Signed-off-by: Niels Thykier <niels@thykier.net>

diff --git a/collection/copyright-file b/collection/copyright-file
index 20ff5db..a3e3dba 100755
--- a/collection/copyright-file
+++ b/collection/copyright-file
@@ -25,7 +25,7 @@ use strict;
 use warnings;
 
 use lib "$ENV{'LINTIAN_ROOT'}/lib";
-use Lintian::Util qw(fail gunzip_file touch_file);
+use Lintian::Util qw(fail gunzip_file is_ancestor_of touch_file);
 
 use File::Copy qw(copy);
 
@@ -36,6 +36,14 @@ if ( -e "$dir/copyright" ) {
     unlink "$dir/copyright" or fail "unlink copyright: $!";
 }
 
+if (-d "$dir/unpacked/usr/share/doc/$pkg"
+      && !is_ancestor_of("$dir/unpacked", "$dir/unpacked/usr/share/doc/$pkg")) {
+    # if the parent dir is outside the package, just stop here before we
+    # do something we will regret.
+    touch_file("$dir/copyright");
+    return;
+}
+
 my $file = "$dir/unpacked/usr/share/doc/$pkg/copyright";
 
 # If copyright was a symlink, we need to make a copy of it.  Just hardlinking
diff --git a/collection/doc-base-files b/collection/doc-base-files
index d2e38da..6c7e250 100755
--- a/collection/doc-base-files
+++ b/collection/doc-base-files
@@ -26,7 +26,7 @@ use strict;
 use warnings;
 
 use lib "$ENV{'LINTIAN_ROOT'}/lib";
-use Lintian::Util qw(copy_dir delete_dir fail);
+use Lintian::Util qw(copy_dir delete_dir fail is_ancestor_of);
 
 sub collect {
 my ($pkg, $type, $dir) = @_;
@@ -37,6 +37,11 @@ if ( -e "$dir/doc-base") {
 }
 
 if ( -d "$dir/unpacked/usr/share/doc-base") {
+    if (!is_ancestor_of("$dir/unpacked", "$dir/unpacked/usr/share/doc-base")) {
+        # Unsafe
+        mkdir ("$dir/doc-base", 0777) or fail "cannot mkdir doc-base: $!";
+        return;
+    }
     copy_dir ("$dir/unpacked/usr/share/doc-base", "$dir/doc-base")
         or fail('cannot copy directory unpacked/usr/share/doc-base');
 } else {
diff --git a/collection/init.d b/collection/init.d
index 204d8d8..5ce22d6 100755
--- a/collection/init.d
+++ b/collection/init.d
@@ -25,7 +25,7 @@ use strict;
 use warnings;
 
 use lib "$ENV{'LINTIAN_ROOT'}/lib";
-use Lintian::Util qw(copy_dir delete_dir fail);
+use Lintian::Util qw(copy_dir delete_dir fail is_ancestor_of);
 
 sub collect {
 my ($pkg, $type, $dir) = @_;
@@ -36,6 +36,12 @@ if (-e "$dir/init.d") {
 }
 
 if (-d "$dir/unpacked/etc/init.d") {
+    if (!is_ancestor_of("$dir/unpacked", "$dir/unpacked/etc/init.d")) {
+        # Unsafe, stop
+        mkdir ("$dir/init.d", 0777) or fail "cannot mkdir init.d: $!";
+        return;
+    }
+
     copy_dir("$dir/unpacked/etc/init.d", "$dir/init.d")
         or fail('cannot copy init.d directory');
 } else {
diff --git a/collection/menu-files b/collection/menu-files
index 13290e6..734b26d 100755
--- a/collection/menu-files
+++ b/collection/menu-files
@@ -25,7 +25,7 @@ use strict;
 use warnings;
 
 use lib "$ENV{'LINTIAN_ROOT'}/lib";
-use Lintian::Util qw(copy_dir delete_dir fail);
+use Lintian::Util qw(copy_dir delete_dir fail is_ancestor_of);
 
 sub collect {
 my ($pkg, $type, $dir) = @_;
@@ -44,6 +44,11 @@ $dirs{'methods'} = 'etc/menu-methods';
 
 while (my ($shortn, $path) = each %dirs) {
     if (-d "$dir/unpacked/$path") {
+        if (!is_ancestor_of("$dir/unpacked", "$dir/unpacked/$path")) {
+            # Unsafe, skip
+            mkdir ("$dir/menu/$shortn", 0777) or fail ("cannot mkdir menu/$shortn: $!");
+            next;
+        }
          copy_dir ("$dir/unpacked/$path", "$dir/menu/$shortn")
             or fail("cannot copy unpacked/$path/ directory");
     } else {
diff --git a/collection/override-file b/collection/override-file
index e647b46..689f28c 100755
--- a/collection/override-file
+++ b/collection/override-file
@@ -26,7 +26,7 @@ use strict;
 use warnings;
 
 use lib "$ENV{'LINTIAN_ROOT'}/lib";
-use Lintian::Util qw(fail gunzip_file);
+use Lintian::Util qw(fail gunzip_file is_ancestor_of);
 
 sub collect {
 my ($pkg, $type, $dir) = @_;
@@ -54,6 +54,11 @@ for my $override (@overrides) {
     }
 }
 
+if (defined $file and not is_ancestor_of("$dir/unpacked", $file)) {
+    # unsafe, pretend we didn't see it.
+    undef $file;
+}
+
 if (not defined $file) {
     # no override found
 } elsif ($file =~ /\.gz$/) {
diff --git a/debian/changelog b/debian/changelog
index 7048e02..7f29698 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -159,6 +159,8 @@ lintian (2.5.12) UNRELEASED; urgency=low
     + [NT] New check written by Nicolas Boulenguez to catch some
       mistakes with the new autopkgtest tests.
 
+  * collection/*:
+    + [NT] Avoid reading files outside the package root.
   * collection/{changelog-file,debian-readme}:
     + [NT] Ignore files in usr/doc/<pkg>.
     + [NT] Skip collection if usr/share/doc/<pkg> is not contained

-- 
Debian package checker

Reply to:

Prev by Date: [SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095
Next by Date: [SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095
Previous by thread: [SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095
Next by thread: [SCM] Debian package checker branch, master, updated. 2.5.11-269-g4fa9095
Index(es):
- Date
- Thread