[SCM] Git repository for devscripts branch, master, updated. v2.12.2-50-g2afe289
James McCoy
jamessan at debian.org
Sat Sep 15 19:42:38 UTC 2012
The following commit has been merged in the master branch:
commit 0fd15bdec07b085f9ef438dacd18e159ac60b810
Author: Adam D. Barratt <adam at adam-barratt.org.uk>
Date: Fri Sep 14 12:37:26 2012 -0500
dget: fix arbitrary file deletion (CVE-2012-2241)
Reviewed-by: Raphael Geissert <geissert at debian.org>
Signed-off-by: Raphael Geissert <geissert at debian.org>
Signed-off-by: James McCoy <jamessan at debian.org>
diff --git a/scripts/dget.pl b/scripts/dget.pl
index 2ed2d36..f6e7706 100755
--- a/scripts/dget.pl
+++ b/scripts/dget.pl
@@ -238,7 +238,10 @@ sub parse_file {
open $fh, $file or die "$file: $!";
while (<$fh>) {
if (/^ ([0-9a-f]{32}) (?:\S+ )*(\S+)$/) {
- get_file($dir, $2, $1) or return;
+ my ($_sum, $_file) = ($1, $2);
+ $_file !~ m,[/\x00],
+ or die "File name contains invalid characters: $_file";
+ get_file($dir, $_file, $_sum) or return;
}
}
close $fh;
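Review bot: The added check on `$_file` is a two-character denylist, so the names `.` and `..`, and any name beginning with `-`, still pass it and reach `get_file($dir, $_file, $_sum)`. get_file is not visible in this hunk, so whether those names can cause harm there needs confirming, but rejecting the dot names here is cheap: `$_file !~ m,[/\x00], && $_file !~ /\A\.\.?\z/` ahead of the `or die`. The die message also prints the untrusted name verbatim, so non-printable characters in it should be stripped or escaped before output. parse_file begins and ends outside the hunk.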
--
Git repository for devscripts