From: Cyril Brulebois <cyril.brulebois@enst-bretagne.fr>
Date: Sat, 2 Feb 2008 04:45:45 +0000 (+0100)
Subject: Fix security hole: check $program is a supported one.
X-Git-Tag: 0.8~8^2~2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=2cdc97a13bb4da902d5d59b153ea9faa9a480be9;p=tools%2Fpristine-tar.git

Fix security hole: check $program is a supported one.
---

diff --git a/pristine-bz2 b/pristine-bz2
index 2866935..0e1c7d4 100755
--- a/pristine-bz2
+++ b/pristine-bz2
@@ -79,6 +79,9 @@ use constant BZIP2_ID2		 => 0x5a;
 # compression methods, 'h' for Bzip2 ('H'uffman coding), '0' for Bzip1 (deprecated)
 use constant BZIP2_METHOD_HUFFMAN => 0x68;
 
+# only used in the paranoia check, not in reproducebzip2()
+my @supported_bzip2_programs = qw(bzip2 pbzip2);
+
 my $verbose=0;
 my $debug=0;
 my $keep=0;
@@ -191,6 +194,8 @@ sub reproducebzip2 {
 	# header information
 	my @args = predictbzip2args($level);
 
+	# fixme: we might be iterating using @supported_bzip2_programs
+
 	# bzip2 -9 in *many* cases
 	testvariant($orig, $new, 'bzip2', @args)
 		&& return 'bzip2', @args;
@@ -249,9 +254,13 @@ sub genbz2 {
 	}
 	@params=split(' ', $params);
 	close IN;
+
 	open (IN, "$tempdir/program") || die "delta lacks program file ($!)";
 	my $program=<IN>;
 	chomp $program;
+	if (! grep { $program eq $_ } @supported_bzip2_programs) {
+		die "paranoia check failed on program file from delta ($program)";
+	}
 	close IN;
 
 	# arbitrary?