On Tue, 17 Jan 2017 03:30:00 +0000 Ben Hutchings <b...@decadent.org.uk> wrote: > Package: cpio > Version: 2.11+dfsg-6 > Severity: important > Tags: patch > > I mistakenly tried to extract a tar file using cpio, and it crashed. > cpio does support tar files for some reason, but this feature seems to > have regressed. > > Reproducer: tar --no-recursion -c . | cpio -i > > Patch: > > --- a/src/copyin.c > +++ b/src/copyin.c > @@ -1431,8 +1431,9 @@ process_copy_in () > break; > } > > - if (file_hdr.c_namesize <= 1) > - file_hdr.c_name = xrealloc(file_hdr.c_name, 2); > + if (archive_format != arf_tar && archive_format != arf_ustar > + && file_hdr.c_namesize <= 1) > + file_hdr.c_name = xrealloc(file_hdr.c_name, 2); > cpio_safer_name_suffix (file_hdr.c_name, false, !no_abs_paths_flag, > false); > > --- END ---
By the way, this is related to the comment beginning 'Debian hack:' further up in the file... a comment that is part of the upstream code, not any Debian patch! Ben. -- Ben Hutchings We get into the habit of living before acquiring the habit of thinking. - Albert Camus
signature.asc
Description: This is a digitally signed message part
