bug-binutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug binutils/17533] objdump/ar/... crash on malformed ar file

From: nickc at redhat dot com
Subject: [Bug binutils/17533] objdump/ar/... crash on malformed ar file
Date: Tue, 04 Nov 2014 16:08:43 +0000 
https://sourceware.org/bugzilla/show_bug.cgi?id=17533

--- Comment #6 from Nick Clifton <nickc at redhat dot com> ---
Hi Alexander,

> I have another one for you -- directory traversal:
> 
> $ printf '!<arch>\n%-48s%-10d`\n../file\n%-48s%-10s`\n' '//' 8 '/0' 0 > test.a
> $ ar xv test.a
> x - ../file

What is the problem with this ?

The documentation states that paths of elemets within an archive are stored
relative to the archive itself.  But it does not forbid directory traversal in
the paths.

Cheers
  Nick

-- 
You are receiving this mail because:
You are on the CC list for the bug.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]