From ba16223652cfaa656d9c0c2d7bc7ab39dbd12467 Mon Sep 17 00:00:00 2001

From: Kamil Dudka <kdudka@redhat.com>

Date: Wed, 23 Oct 2013 15:04:22 +0200

Subject: [PATCH 1/3] decode: avoid using a static buffer in th_get_pathname()

A solution suggested by Chris Frey:

https://lists.feep.net:8080/pipermail/libtar/2013-October/000377.html

Note this can break programs that expect sizeof(TAR) to be fixed.

[upstream commit ec613af2e9371d7a3e1f7c7a6822164a4255b4d1]

---

 lib/decode.c |   24 +++++++++++++++++-------

 lib/handle.c |    1 +

 lib/libtar.h |    3 +++

 3 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/lib/decode.c b/lib/decode.c

index c16ea2d..edb2185 100644

--- a/lib/decode.c

+++ b/lib/decode.c

@@ -26,20 +26,30 @@

 char *

 th_get_pathname(TAR *t)

 {

-	static TLS_THREAD char filename[MAXPATHLEN];

-

 	if (t->th_buf.gnu_longname)

 		return t->th_buf.gnu_longname;

-	if (t->th_buf.prefix[0] != '\0')

+	/* allocate the th_pathname buffer if not already */

+	if (t->th_pathname == NULL)

+	{

+		t->th_pathname = malloc(MAXPATHLEN * sizeof(char));

+		if (t->th_pathname == NULL)

+			/* out of memory */

+			return NULL;

+	}

+

+	if (t->th_buf.prefix[0] == '\0')

+	{

+		snprintf(t->th_pathname, MAXPATHLEN, "%.100s", t->th_buf.name);

+	}

+	else

 	{

-		snprintf(filename, sizeof(filename), "%.155s/%.100s",

+		snprintf(t->th_pathname, MAXPATHLEN, "%.155s/%.100s",

 			 t->th_buf.prefix, t->th_buf.name);

-		return filename;

 	}

-	snprintf(filename, sizeof(filename), "%.100s", t->th_buf.name);

-	return filename;

+	/* will be deallocated in tar_close() */

+	return t->th_pathname;

 }

diff --git a/lib/handle.c b/lib/handle.c

index 002d23c..a19c046 100644

--- a/lib/handle.c

+++ b/lib/handle.c

@@ -122,6 +122,7 @@ tar_close(TAR *t)

 		libtar_hash_free(t->h, ((t->oflags & O_ACCMODE) == O_RDONLY

 					? free

 					: (libtar_freefunc_t)tar_dev_free));

+	free(t->th_pathname);

 	free(t);

 	return i;

diff --git a/lib/libtar.h b/lib/libtar.h

index 7fc4d03..08a8e0f 100644

--- a/lib/libtar.h

+++ b/lib/libtar.h

@@ -85,6 +85,9 @@ typedef struct

 	int options;

 	struct tar_header th_buf;

 	libtar_hash_t *h;

+

+	/* introduced in libtar 1.2.21 */

+	char *th_pathname;

 }

 TAR;

-- 

1.7.1

From 8ef92e48bba35d60208cc09be2bab74f69273d15 Mon Sep 17 00:00:00 2001

From: Chris Frey <cdfrey@foursquare.net>

Date: Thu, 24 Oct 2013 17:55:12 -0400

Subject: [PATCH 2/3] Check for NULL before freeing th_pathname

Thanks to Harald Koch for pointing out that AIX 4 and 5 still need this.

[upstream commit 495d0c0eabc5648186e7d58ad54b508d14af38f4]

Signed-off-by: Kamil Dudka <kdudka@redhat.com>

---

 lib/handle.c |    3 ++-

 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/lib/handle.c b/lib/handle.c

index a19c046..28a7dc2 100644

--- a/lib/handle.c

+++ b/lib/handle.c

@@ -122,7 +122,8 @@ tar_close(TAR *t)

 		libtar_hash_free(t->h, ((t->oflags & O_ACCMODE) == O_RDONLY

 					? free

 					: (libtar_freefunc_t)tar_dev_free));

-	free(t->th_pathname);

+	if (t->th_pathname != NULL)

+		free(t->th_pathname);

 	free(t);

 	return i;

-- 

1.7.1

From 71101392dbab09718d38fabd151bb3cf22fc8b80 Mon Sep 17 00:00:00 2001

From: Chris Frey <cdfrey@foursquare.net>

Date: Thu, 24 Oct 2013 17:58:47 -0400

Subject: [PATCH 3/3] Added stdlib.h for malloc() in lib/decode.c

[upstream commit 20aa09bd7775094a2beb0f136c2c7d9e9fd6c7e6]

Signed-off-by: Kamil Dudka <kdudka@redhat.com>

---

 lib/decode.c |    1 +

 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/lib/decode.c b/lib/decode.c

index edb2185..35312be 100644

--- a/lib/decode.c

+++ b/lib/decode.c

@@ -13,6 +13,7 @@

 #include <internal.h>

 #include <stdio.h>

+#include <stdlib.h>

 #include <sys/param.h>

 #include <pwd.h>

 #include <grp.h>

-- 

1.7.1