tar: don't read/write archive contents from/to terminal

Resolves: #1083075 Version: 1.27.1-3
2014-04-01 14:51:55 +02:00 · 2014-04-01 14:51:55 +02:00 · 76844ee24d
commit 76844ee24d
parent be819f0840
2 changed files with 65 additions and 0 deletions
--- a/tar-1.27.1-dont-read-write-terminal.patch
+++ b/tar-1.27.1-dont-read-write-terminal.patch
@ -0,0 +1,56 @@
+diff --git a/NEWS b/NEWS
+index 1a264b0..c4dd8c6 100644
+--- a/NEWS
+++ b/NEWS
+@@ -12,6 +12,8 @@ version 1.27.1 - Sergey Poznyakoff, 2013-11-17
+ 
+ * Fix extracting sparse members from star archives.
+ 
+* Tar refuses to read input from and write output to a tty device.
+
+ 
+ version 1.27 - Sergey Poznyakoff, 2013-10-05
+ 
+diff --git a/src/buffer.c b/src/buffer.c
+index 4b44eaf..5ec8d31 100644
+--- a/src/buffer.c
+++ b/src/buffer.c
+@@ -633,6 +633,22 @@ init_buffer (void)
+   record_end = record_start + blocking_factor;
+ }
+ 
+static void
+check_tty (enum access_mode mode)
+{
+  /* Refuse to read archive from and write it to a tty. */
+  if (strcmp (archive_name_array[0], "-") == 0
+      && isatty (mode == ACCESS_READ ? STDIN_FILENO : STDOUT_FILENO))
+    {
+      FATAL_ERROR ((0, 0,
+		    mode == ACCESS_READ
+		    ? _("Refusing to read archive contents from terminal "
+			"(missing -f option?)")
+		    : _("Refusing to write archive contents to terminal "
+			"(missing -f option?)")));
+    }
+}
+
+ /* Open an archive file.  The argument specifies whether we are
+    reading or writing, or both.  */
+ static void
+@@ -653,6 +669,7 @@ _open_archive (enum access_mode wanted_access)
+ 
+   /* When updating the archive, we start with reading.  */
+   access_mode = wanted_access == ACCESS_UPDATE ? ACCESS_READ : wanted_access;
+  check_tty (access_mode);
+ 
+   read_full_records = read_full_records_option;
+ 
+@@ -696,7 +713,6 @@ _open_archive (enum access_mode wanted_access)
+             enum compress_type type;
+ 
+             archive = STDIN_FILENO;
+-
+             type = check_compressed_archive (&shortfile);
+             if (type != ct_tar && type != ct_none)
+               FATAL_ERROR ((0, 0,
--- a/tar.spec
+++ b/tar.spec
@ -94,6 +94,12 @@ Patch12: tar-1.27.1-big-sparse-listing.patch
 # ~> (#1083066)
 Patch13: tar-1.27.1-T-eternal-loop.patch

+# Refuse to read/write archive from/to terminal input/output (enhancement fc21+)
+# ~> upstream (commits b0902369e7 & 7808b69)
+#    http://lists.gnu.org/archive/html/bug-tar/2014-03/msg00030.html
+# ~> #1083075
+Patch14: tar-1.27.1-dont-read-write-terminal.patch
+

 # run "make check" by default
 %bcond_without check
@ -141,6 +147,7 @@ the rmt package on the remote box.
 %patch11 -p1 -b .inf-loops-in-sparse
 %patch12 -p1 -b .big-sparse
 %patch13 -p1 -b .T-eternal-loop
+%patch14 -p1 -b .terminal-input-output

 autoreconf -v

@ -204,6 +211,8 @@ fi
 - fix default ACLs propagation (#1082603)
 - infinite loop(s) in sparse-file handling (#1082608)
 - fix listing (and --verify) for big sparse files (#916995)
+- fix eternal loop in -T option (#1083066)
+- don't read/write archive from/to terminal (#1083075)

 * Fri Nov 29 2013 Pavel Raiskup <praiskup@redhat.com> - 1.27.1-2
 - sync manual page contents with help2man output