Re: bin/52295: find -delete: "relative path not safe" with absolute paths ...

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,tho%netbsd.org@localhost
Subject: Re: bin/52295: find -delete: "relative path not safe" with absolute paths ...
From: "Anthony Mallet" <mallet%laas.fr@localhost>
Date: Tue, 13 Jun 2017 12:35:01 +0000 (UTC)

The following reply was made to PR bin/52295; it has been noted by GNATS.

From: "Anthony Mallet" <mallet%laas.fr@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: 
Subject: Re: bin/52295: find -delete: "relative path not safe" with absolute paths ...
Date: Tue, 13 Jun 2017 14:30:27 +0200

 OpenBSD seems to not have the issue. Here is a fix (from their code):

 Index: usr.bin/find/function.c
 ===================================================================
 RCS file: /cvsroot/src/usr.bin/find/function.c,v
 retrieving revision 1.72
 diff -u -r1.72 function.c
 --- usr.bin/find/function.c     4 May 2013 06:29:32 -0000       1.72
 +++ usr.bin/find/function.c     13 Jun 2017 12:29:17 -0000
 @@ -374,7 +374,8 @@
                 errx(1, "-delete: insecure options got turned on");

         /* Potentially unsafe - do not accept relative paths whatsoever */
 -       if (strchr(entry->fts_accpath, '/') != NULL)
 +       if (entry->fts_level > 0 &&
 +           strchr(entry->fts_accpath, '/') != NULL)
                 errx(1, "-delete: %s: relative path potentially not safe",
                         entry->fts_accpath);

Prev by Date: bin/52295: find -delete: "relative path not safe" with absolute paths ...
Next by Date: PR/52295 CVS commit: src/usr.bin/find
Previous by Thread: bin/52295: find -delete: "relative path not safe" with absolute paths ...
Next by Thread: PR/52295 CVS commit: src/usr.bin/find
Indexes:

Home | Main Index | Thread Index | Old Index