[patch] TODO for 4.6.1: ./file in tar archive
Leonard den Ottolander
leonard at den.ottolander.nl
Fri Oct 1 17:20:36 UTC 2004
Hi,
On Fri, 2004-10-01 at 16:27, Leonard den Ottolander wrote:
> Hello Roland,
>
> > We should do much more error checking at this point, for
> > example for "../file" or similar things. Therefore we should use a
> > function like canonicalize_pathname from src/utilunix.c.
Can tar archives be manipulated to include dot dot files? It definitely
does not work from the command line.
> Have you checked the source paths? I think canonicalize_pathname is
> already used and might be the cause of this little problem. I might be
> wrong though ;) .
Indeed I am wrong. vfs_canon is used indirectly by tar.c, not
canonicalize_pathname.
> > We cannot use
> > that function because of license issues (utilunix.c is GPL, vfs is LGPL)
> > and dependency conflicts (src uses vfs, so vfs cannot use src; see ld(1)
> > for further information).
This surprises me somewhat. The name would suggest utilunix.c defines
common "unix" functions.
Would using canonicalize_pathname require a lot of restructuring of the
code? Maybe you should mention that function in the fix me comment
instead.
By the way, patch seems to work, and I don't see any regressions.
Leonard.
--
mount -t life -o ro /dev/dna /genetic/research
More information about the mc-devel
mailing list