This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.
tar port special DOS/Windows device name
- To: cygwin at cygwin dot com
- Subject: tar port special DOS/Windows device name
- From: 3APA3A <3APA3A at SECURITY dot NNOV dot RU>
- Date: Thu, 5 Jul 2001 17:22:01 +0400
- Organization: http://www.security.nnov.ru
- Reply-To: 3APA3A <3APA3A at SECURITY dot NNOV dot RU>
I've reported the problem to the GNU tar developers; they replied it's
a Cygwin problem, the DJGPP port of tar supported by GNU doesn't have
this problem. Since the reply contains very useful information, I've
attached it. There is another security problem in the version currently
in development, 1.13.19 (directory traversal). I believe it's not the
time to patch this problem in Cygwin right now; it's better to wait
until the directory traversal bug is completely fixed by the GNU
developers and then patch the already updated version.
Sure, the port of unzip also has the same problems (both directory
traversal and special devices), but I was unable to contact the authors.
-=-=-=-=-=-
Hello support,
If an archive contains a file with a special name (such as prn, lpt1,
com1, con, etc.), it will be extracted to this device instead of a file.
Tested with pkzipc, WinRAR, rar, WinZip, tar (Cygwin port under Windows).
In the case of WinZip and tar, the file will be extracted silently; in
other cases overwrite confirmation is required.
This problem is DOS/Windows specific only. Tested on Windows NT/2000.
To test: make sure PRN: (usually PRN: is an alias to LPT1:) is
functioning (that is, you have a printer connected to LPT1) and try to
extract the attached ZIP, TAR or RAR archive. It should print 1 page on
a PCL-compatible printer.
--
http://www.security.nnov.ru
/\_/\
{ . . } |\
+--oQQo->{ ^ }<-----+ \
| 3APA3A U 3APA3A }
+-------------o66o--+ /
|/
You know my name - look up my number (The Beatles)
- To: 3APA3A <3APA3A at SECURITY dot NNOV dot RU>
- Subject: Re: File archivers and special DOS/Windows device names
- From: Eli Zaretskii <eliz at is dot elta dot co dot il>
- Date: Thu, 5 Jul 2001 13:14:38 +0300 (IDT)
- CC: support at winzip dot com, PKWARE Technical Support <techsupp at pkware dot com>, Eugene Roshal <roshal at rarsoft dot com>, <bug-gnu-utils at prep dot ai dot mit dot edu>, Paul Eggert <eggert at twinsun dot com>
On Thu, 5 Jul 2001, 3APA3A wrote:
> If an archive contains a file with a special name (such as prn, lpt1,
> com1, con, etc.), it will be extracted to this device instead of a file.
> Tested with pkzipc, WinRAR, rar, WinZip, tar (Cygwin port under Windows).
> In the case of WinZip and tar, the file will be extracted silently; in
> other cases overwrite confirmation is required.
I cannot speak for WinZip, pkzip, and other programs, but as for GNU Tar,
what you mention is a bug in the ported Cygwin executable. Try the DJGPP
port of Tar, and you will see that it handles such file names gracefully:
ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp/v2gnu/tar112ab.zip
Also, `prn' and `lpt1' are just a sample of the special names. Any
device driver which can be reached by opening a special file name will
cause such problems; thus the list of the offending names cannot be
known in advance, since additional device drivers can be installed on
the target system.
In addition, the file-name extension is ignored when the basename
matches. So `aux.lst', `prn.c', `con.foo', and an infinite number of
other similar names--all of them are prone to this problem. Some of the
devices will actually wedge the DOS box if you try to extract a file by
that name; kids, don't try that at home!
prntest.tar
prntest.zip
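As an added example (not code from either message or from any of the archivers discussed), a pre-extraction check in Python that applies the two rules from the reply above: the extension is ignored when the basename matches, and the device list is open-ended. The function names, the baseline list (the commonly documented CON, PRN, AUX, NUL, COM1-9, LPT1-9), the `extra_devices` parameter and the in-memory sample archive are assumptions of this example.

```python
import io
import re
import tarfile

# Baseline reserved names commonly documented for DOS/Windows (assumption of
# this example). Installed device drivers can add more, so callers pass extras.
BASE_DEVICES = {"con", "prn", "aux", "nul"} | {
    f"{p}{n}" for p in ("com", "lpt") for n in range(1, 10)
}

def is_dos_device_name(path, extra_devices=()):
    """True if any path component would resolve to a device, not a file."""
    devices = BASE_DEVICES | {d.lower() for d in extra_devices}
    for component in re.split(r"[\\/]", path):
        # The extension is ignored when the basename matches: aux.lst -> aux.
        stem = component.split(".", 1)[0].rstrip(" ").lower()
        if stem in devices:
            return True
    return False

def audit_tar(fileobj, extra_devices=()):
    """Return the member names an extractor should refuse or rename."""
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        return [m.name for m in tar if is_dos_device_name(m.name, extra_devices)]

def build_sample_tar(names):
    """Constructed sample archive held in memory (not the attached prntest.tar)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in names:
            data = b"constructed sample\n"
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf

# Constructed member names: four device-like names and two ordinary files.
SAMPLE_NAMES = ["docs/readme.txt", "prn", "src/aux.lst", "CON.foo",
                "printer.c", "lpt1"]

if __name__ == "__main__":
    for name in audit_tar(build_sample_tar(SAMPLE_NAMES)):
        print("refuse:", name)
```

Because the list cannot be complete, a static check like this is a first filter; confirming after opening that the target is a regular file is the stronger control.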