ports/archivers/lha/files/patch-lhext.c

--- src/lhext.c.orig	2000-10-04 14:57:38 UTC
+++ src/lhext.c
@@ -143,13 +143,13 @@ adjust_info(name, hdr)
 	char           *name;
 	LzHeader       *hdr;
 {
-	time_t          utimebuf[2];
+	struct utimbuf  utimebuf;
 
 	/* adjust file stamp */
-	utimebuf[0] = utimebuf[1] = hdr->unix_last_modified_stamp;
+	utimebuf.actime = utimebuf.modtime = hdr->unix_last_modified_stamp;
 
 	if ((hdr->unix_mode & UNIX_FILE_TYPEMASK) != UNIX_FILE_SYMLINK)
-		utime(name, utimebuf);
+		utime(name, &utimebuf);
 
 	if (hdr->extend_type == EXTEND_UNIX
 	    || hdr->extend_type == EXTEND_OS68K
@@ -190,8 +190,13 @@ extract_one(afp, hdr)
 		q = (char *) rindex(hdr->name, '/') + 1;
 	}
 	else {
+		if (is_directory_traversal(q)) {
+		  fprintf(stderr, "Possible directory traversal hack attempt in %s\n", q);
+		  exit(111);
+		}
+
 		if (*q == '/') {
-			q++;
+			while (*q == '/') { q++; }
 			/*
 			 * if OSK then strip device name
 			 */
@@ -351,10 +356,13 @@ extract_one(afp, hdr)
 				}
 
 				unlink(bb1);
+				make_parent_path(bb1);
 				l_code = symlink(bb2, bb1);
 				if (l_code < 0) {
-					if (quiet != TRUE)
-						warning("Can't make Symbolic Link : ");
+					if (quiet != TRUE) {
+						sprintf(buf, "%s -> %s", bb1, bb2);
+						warning("Can't make Symbolic Link : ", buf);
+					}
 				}
 				if (quiet != TRUE) {
 					printf("Symbolic Link %s -> %s\n", bb1, bb2);
@@ -419,6 +427,33 @@ cmd_extract()
 	return;
 }
 
+int
+is_directory_traversal(char *string)
+{
+  unsigned int type = 0; /* 0 = new, 1 = only dots, 2 = other chars than dots */
+  char *temp;
+
+  temp = string;
+
+  while (*temp != 0) {
+    if (temp[0] == '/') {
+      if (type == 1) { return 1; }
+      type = 0;
+      temp++;
+      continue;
+    }
+
+    if ((temp[0] == '.') && (type < 2))
+      type = 1;
+    if (temp[0] != '.')
+      type = 2;
+
+    temp++;
+  } /* while */
+
+  return (type == 1);
+}
+
 /* Local Variables: */
 /* mode:c */
 /* tab-width:4 */