[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug-cpio] Missing Permission Bug
|
From: |
Yuan Jochen Kang |
|
Subject: |
[Bug-cpio] Missing Permission Bug |
|
Date: |
Wed, 31 May 2017 19:58:38 -0400 |
Dear cpio developers,
We are security researchers at Columbia University and we were testing a bug-finding tool on cpio. We found a bug in version 2.12 of cpio on Ubuntu 16.04 due to inadequate directory permissions.
In Linux, when an extracted directory does not have execute permissions, then cpio is unable to extract its contents into it. But cpio_mkdir in src/util.c only checks if the write flag is missing, and only adds that flag to the directory's mode. The if condition, "!(file_hdr->c_mode & S_IWUSR)" should therefore be changed to "(file_hdr->c_mode & (S_IWUSR | S_IXUSR)) != (S_IWUSR | S_IXUSR)", and the flags in mkdir should be changed from "mode | S_IWUSR" to "mode | S_IWUSR | S_IXUSR".
Thanks,
Yuan Kang
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Bug-cpio] Missing Permission Bug,
Yuan Jochen Kang <=