head	1.2;
access;
symbols
	OPENPKG_E1_MP_HEAD:1.2
	OPENPKG_E1_MP:1.2
	OPENPKG_E1_MP_2_STABLE:1.1.10.1
	OPENPKG_E1_FP:1.1.10.1
	OPENPKG_2_STABLE_20061018:1.1.10.1
	OPENPKG_2_STABLE_20060622:1.1
	OPENPKG_2_STABLE:1.1.0.10
	OPENPKG_2_STABLE_BP:1.1
	OPENPKG_2_5_RELEASE:1.1
	OPENPKG_2_5_SOLID:1.1.0.8
	OPENPKG_2_5_SOLID_BP:1.1
	OPENPKG_2_4_RELEASE:1.1
	OPENPKG_2_4_SOLID:1.1.0.6
	OPENPKG_2_4_SOLID_BP:1.1
	OPENPKG_CW_FP:1.1
	OPENPKG_2_3_RELEASE:1.1
	OPENPKG_2_3_SOLID:1.1.0.4
	OPENPKG_2_3_SOLID_BP:1.1
	OPENPKG_2_2_SOLID:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2006.09.21.05.54.51;	author rse;	state dead;
branches;
next	1.1;
commitid	aCWLtb8qcmUXQENr;

1.1
date	2004.10.22.09.08.07;	author rse;	state Exp;
branches
	1.1.2.1
	1.1.10.1;
next	;

1.1.2.1
date	2004.10.22.09.43.40;	author rse;	state Exp;
branches;
next	;

1.1.10.1
date	2006.10.16.14.48.48;	author rse;	state dead;
branches;
next	;
commitid	iZxwRSmmWscPXUQr;


desc
@@


1.2
log
@upgrading package: cabextract 1.1 -> 1.2
@
text
@Index: mempcpy.c
--- mempcpy.c.orig	2004-07-16 16:07:01 +0200
+++ mempcpy.c	2004-10-22 11:06:40 +0200
@@@@ -29,19 +29,17 @@@@
 
 */
 
-#include <ansidecl.h>
+#include <string.h>
 #ifdef ANSI_PROTOTYPES
 #include <stddef.h>
 #else
 #define size_t unsigned long
 #endif
 
-extern PTR memcpy PARAMS ((PTR, const PTR, size_t));
-
-PTR
+void *
 mempcpy (dst, src, len)
-     PTR dst;
-     const PTR src;
+     void * dst;
+     const void * src;
      size_t len;
 {
   return (char *) memcpy (dst, src, len) + len;
@


1.1
log
@upgrade to 1.1 in order to fix a security hole
@
text
@@


1.1.10.1
log
@Mass merge from CURRENT to 2-STABLE (all packages except those of JUNK class)
@
text
@@


1.1.2.1
log
@CAN-2004-0916: directory traversal in cabextract
@
text
@d1 4
a4 20
Fix Security Bug (CAN-2004-0916)

--- src/cabextract.c	2004-03-09 20:05:04 +0100
+++ src/cabextract.c	2004-10-17 22:16:23 +0200
@@@@ -727,6 +752,16 @@@@
       else if (lower)      c = (unsigned char) tolower((int) c);
     } while ((*p++ = c));
   }
+
+  /* search for "../" in cab filename part and change to "xx/".  This
+   * prevents any unintended directory traversal. */
+  for (p = &name[dir ? strlen(dir)+1 : 0]; *p; p++) {
+    if ((p[0] == '.') && (p[1] == '.') && (p[2] == '/')) {
+      p[0] = p[1] = 'x';
+      p += 2;
+    }
+  }
+
   return (char *) name;
 }
d6 22
@