From: Andrew Gregory <andrew.gregory.8@gmail.com>
Date: Fri, 15 Jan 2016 07:39:41 +0000 (-0500)
Subject: Skip root directory symlink check
X-Git-Tag: v3.1.901a~9^2~16^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=41ae0cf83bd0c144d0f4c296223341e54513eebd;p=thirdparty%2Flibarchive.git

Skip root directory symlink check

The first time check_symlinks is called on an absolute path it will use
the entry pathname directly, blanking the leading slash.  This leads to
calling lstat on an empty string, which returns ENOENT, terminating the
loop early and falsely marking the path as safe.
---

diff --git a/libarchive/archive_write_disk_posix.c b/libarchive/archive_write_disk_posix.c
index 1eb0e91d7..6737cd755 100644
--- a/libarchive/archive_write_disk_posix.c
+++ b/libarchive/archive_write_disk_posix.c
@@ -2386,6 +2386,9 @@ check_symlinks(struct archive_write_disk *a)
 		while ((*pn != '\0') && (*p == *pn))
 			++p, ++pn;
 	}
+	/* Skip the root directory if the path is absolute. */
+	if(pn == a->name && pn[0] == '/')
+		++pn;
 	c = pn[0];
 	/* Keep going until we've checked the entire name. */
 	while (pn[0] != '\0' && (pn[0] != '/' || pn[1] != '\0')) {