ChangeLog rotatation and copyright year update

[deliverable/binutils-gdb.git] / binutils / ar.c

diff --git a/binutils/ar.c b/binutils/ar.c
index 69f20f95c0f8ecc3cdb7cb61efb1fbbb24ad92b3..48a052c2a8cde930edb55f92d2c25747fafd9c8c 100644 (file)
--- a/binutils/ar.c
+++ b/binutils/ar.c
@@ -1,5 +1,5 @@
 /* ar.c - Archive modify and extract.
-   Copyright (C) 1991-2014 Free Software Foundation, Inc.
+   Copyright (C) 1991-2015 Free Software Foundation, Inc.
 
    This file is part of GNU Binutils.
 
@@ -138,7 +138,11 @@ static int show_version = 0;
 
 static int show_help = 0;
 
+#if BFD_SUPPORTS_PLUGINS
+static const char *plugin_target = "plugin";
+#else
 static const char *plugin_target = NULL;
+#endif
 
 static const char *target = NULL;
 
@@ -571,7 +575,6 @@ decode_options (int argc, char **argv)
           break;
        case OPTION_PLUGIN:
 #if BFD_SUPPORTS_PLUGINS
-         plugin_target = "plugin";
          bfd_plugin_set_plugin (optarg);
 #else
          fprintf (stderr, _("sorry - this program has been built without plugin support\n"));
@@ -632,7 +635,6 @@ ranlib_main (int argc, char **argv)
          /* PR binutils/13493: Support plugins.  */
        case OPTION_PLUGIN:
 #if BFD_SUPPORTS_PLUGINS
-         plugin_target = "plugin";
          bfd_plugin_set_plugin (optarg);
 #else
          fprintf (stderr, _("sorry - this program has been built without plugin support\n"));
@@ -1032,6 +1034,15 @@ extract_file (bfd *abfd)
   bfd_size_type size;
   struct stat buf;
 
+  /* PR binutils/17533: Do not allow directory traversal
+     outside of the current directory tree.  */
+  if (! is_valid_archive_path (bfd_get_filename (abfd)))
+    {
+      non_fatal (_("illegal pathname found in archive member: %s"),
+                bfd_get_filename (abfd));
+      return;
+    }
+
   if (bfd_stat_arch_elt (abfd, &buf) != 0)
     /* xgettext:c-format */
     fatal (_("internal stat error on %s"), bfd_get_filename (abfd));