From: Gary V. Vaughan <gary@gnu.org>
Date: Wed, 2 Mar 2005 10:33:56 +0000 (+0000)
Subject: * libtoolize.m4sh (func_copy_cb): Use tar chof to avoid symlink
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f408b9a7f23d643fe4cc07878971f94d45d991a5;p=thirdparty%2Flibtool.git

* libtoolize.m4sh (func_copy_cb): Use tar chof to avoid symlink
attacks.
* libltdl/Makefile.am, libltdl/loaders/Makefile.am
(install-data-local): Ditto.
---

diff --git a/ChangeLog b/ChangeLog
index 0c29e9d92..ccf5c4bac 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2005-03-02  Gary V. Vaughan  <gary@gnu.org>
+
+	* libtoolize.m4sh (func_copy_cb): Use tar chof to avoid symlink
+	attacks.
+	* libltdl/Makefile.am, libltdl/loaders/Makefile.am
+	(install-data-local): Ditto.
+
 2005-02-27  Gary V. Vaughan  <gary@gnu.org>
 
 	In branch-2-0 (and in time, others) ltversion.m4 has a dot
diff --git a/libltdl/Makefile.am b/libltdl/Makefile.am
index 0a483ec8b..ef14f558e 100644
--- a/libltdl/Makefile.am
+++ b/libltdl/Makefile.am
@@ -77,7 +77,7 @@ ltdldatafiles		= COPYING.LIB Makefile.am README configure.ac \
 ## with libtoolize, we have to preserve their timestamps carefully:
 install-data-local:
 	$(mkinstalldirs) $(DESTDIR)$(ltdldatadir)
-	( cd $(srcdir) && $(AMTAR) cf - $(ltdldatafiles); ) \
+	( cd $(srcdir) && $(AMTAR) chof - $(ltdldatafiles); ) \
 	  | ( cd $(DESTDIR)$(ltdldatadir) && $(AMTAR) xf -; )
 
 ## Make sure these will be cleaned even when they're not built by default:
diff --git a/libltdl/loaders/Makefile.am b/libltdl/loaders/Makefile.am
index 5b6415584..197df4583 100644
--- a/libltdl/loaders/Makefile.am
+++ b/libltdl/loaders/Makefile.am
@@ -54,5 +54,5 @@ ltdldatafiles		= Makefile.am dld_link.c dlopen.c dyld.c \
 ## with libtoolize, we have to preserve their timestamps carefully:
 install-data-local:
 	$(mkinstalldirs) $(DESTDIR)$(ltdldatadir)
-	( cd $(srcdir) && $(AMTAR) cf - $(ltdldatafiles) preopen.c; ) \
+	( cd $(srcdir) && $(AMTAR) chof - $(ltdldatafiles); ) \
 	  | ( cd $(DESTDIR)$(ltdldatadir) && $(AMTAR) xf -; )
diff --git a/libtoolize.m4sh b/libtoolize.m4sh
index a068e9fb3..f35cfd4a1 100644
--- a/libtoolize.m4sh
+++ b/libtoolize.m4sh
@@ -230,7 +230,7 @@ func_copy_cb ()
     if $opt_link && $LN_S "$my_srcdir/$my_file" "$my_destdir/$my_file"; then
       $opt_quiet || func_echo "copying file \`$my_destdir/$my_file'"
       copy_return_status=0
-    elif { ( cd "$my_srcdir" && $TAR cf - "$my_file" 2> /dev/null; ) \
+    elif { ( cd "$my_srcdir" && $TAR chof - "$my_file" 2> /dev/null; ) \
         | ( cd "$my_destdir" && "$TAR" xf - > /dev/null 2>&1; ) } ; then
       $opt_quiet || func_echo "copying file \`$my_destdir/$my_file'"
       copy_return_status=0