HBSD: Fix "libarchive vulnerability 4"

Note that this breaks some capatibility. Oh well, this is only temporary until upstream FreeBSD and libarchive come up with a permanent fix. This disables hardlink data support, returning EPERM in that case. bsdtar continues on, ignoring the EPERM, but does not exhibit the vulnerability. Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org> MFC-to: 11-STABLE MFC-to: 10-STABLE
HardenedBSD · Aug 4, 2016 · 6a6ac73 · 6a6ac73
1 parent acc5eae
commit 6a6ac73
Showing 1 changed file with 4 additions and 5 deletions.
diff --git a/contrib/libarchive/libarchive/archive_write_disk_posix.c b/contrib/libarchive/libarchive/archive_write_disk_posix.c
@@ -2034,16 +2034,15 @@ create_filesystem_object(struct archive_write_disk *a)
 		 * This is consistent with GNU tar and BSD pax.
 		 * If the hardlink does carry data, let the last
 		 * archive entry decide ownership.
+		 *
+		 * XXX HardenedBSD: We have removed the hardlink data
+		 * support. We now return EPERM in this case.
 		 */
 		if (r == 0 && a->filesize <= 0) {
 			a->todo = 0;
 			a->deferred = 0;
 		} else if (r == 0 && a->filesize > 0) {
-			a->fd = open(a->name,
-				     O_WRONLY | O_TRUNC | O_BINARY | O_CLOEXEC);
-			__archive_ensure_cloexec_flag(a->fd);
-			if (a->fd < 0)
-				r = errno;
+			return (EPERM);
 		}
 		return (r);
 #endif