Re: [patch] TODO for 4.6.1: ./file in tar archive

From: Leonard den Ottolander <leonard den ottolander nl>
To: MC Devel <mc-devel gnome org>
Subject: Re: [patch] TODO for 4.6.1: ./file in tar archive
Date: Fri, 01 Oct 2004 19:20:36 +0200

Hi,

On Fri, 2004-10-01 at 16:27, Leonard den Ottolander wrote:
> Hello Roland,
> 
> > We should do much more error checking at this point, for 
> > example for "../file" or similar things. Therefore we should use a 
> > function like canonicalize_pathname from src/utilunix.c.

Can tar archives be manipulated to include dot dot files? It definitely
does not work from the command line.

> Have you checked the source paths? I think canonicalize_pathname is
> already used and might be the cause of this little problem. I might be
> wrong though ;) .

Indeed I am wrong. vfs_canon is used indirectly by tar.c, not
canonicalize_pathname.

> >  We cannot use 
> > that function because of license issues (utilunix.c is GPL, vfs is LGPL) 
> > and dependency conflicts (src uses vfs, so vfs cannot use src; see ld(1) 
> > for further information).

This surprises me somewhat. The name would suggest utilunix.c defines
common "unix" functions.

Would using canonicalize_pathname require a lot of restructuring of the
code? Maybe you should mention that function in the fix me comment
instead.

By the way, patch seems to work, and I don't see any regressions.

Leonard.

-- 
mount -t life -o ro /dev/dna /genetic/research

Follow-Ups:
- Re[2]: [patch] TODO for 4.6.1: ./file in tar archive
  - From: pavelsh

References:
- Re: [patch] TODO for 4.6.1: ./file in tar archive
  - From: Leonard den Ottolander

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]