Avoid extracting files through symlinks
authorRaphael Hertzog <hertzog@debian.org>
Tue, 18 Mar 2008 16:39:08 +0000 (17:39 +0100)
committerRaphael Hertzog <hertzog@debian.org>
Tue, 18 Mar 2008 16:39:08 +0000 (17:39 +0100)
* scripts/Dpkg/Source/Package/V2_0.pm (do_extract): Now
that the debian tarball is extracted in-place over the
unpacked source directory, it's important to not let tar
unpack files in symlinked directories (otherwise it would
be possible to write files outside of the unpacked
source tree).

scripts/Dpkg/Source/Package/V2_0.pm

index 0a24da2ba8ce25cc2f276f223bb62811f0534ca6..a25636145d0bfe3b71b0510276890b79538d785e 100644 (file)
@@ -36,6 +36,7 @@ use File::Basename;
 use File::Temp qw(tempfile tempdir);
 use File::Path;
 use File::Spec;
+use File::Find;
 
 sub init_options {
     my ($self) = @_;
@@ -118,8 +119,20 @@ sub do_extract {
     # Extract debian tarball after removing the debian directory
     info(_g("unpacking %s"), $debianfile);
     erasedir("$newdirectory/debian");
+    # Exclude existing symlinks from extraction of debian.tar.gz as we
+    # don't want to overwrite something outside of $newdirectory due to a
+    # symlink
+    my @exclude_symlinks;
+    my $wanted = sub {
+        return if not -l $_;
+        my $fn = File::Spec->abs2rel($_, $newdirectory);
+        push @exclude_symlinks, "--exclude", $fn;
+    };
+    find({ wanted => $wanted, no_chdir => 1 }, $newdirectory);
     $tar = Dpkg::Source::Archive->new(filename => "$dscdir$debianfile");
-    $tar->extract($newdirectory, in_place => 1);
+    $tar->extract($newdirectory, in_place => 1,
+                  options => [ '--anchored', '--no-wildcards',
+                  @exclude_symlinks ]);
 
     # Apply patches (in a separate method as it might be overriden)
     $self->apply_patches($newdirectory);
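Review bot: The exclude list built by `$wanted` only covers symlinks that already exist under `$newdirectory` when `find` runs, and it works by matching tar member names verbatim (`--anchored`, `--no-wildcards`) against the `abs2rel` paths. A symlink that the debian tarball itself creates is never in `@exclude_symlinks`, so that case depends entirely on tar's own handling, which this hunk does not show. It would also be worth a test confirming that member names stored in a different but equivalent relative form still match the excludes. I would record the limits beside the code, e.g. `# NOTE: only symlinks present before extraction are excluded; tar member names must match these relative paths exactly`, and add an `info()` line when `@exclude_symlinks` is non-empty, since excluded members are currently skipped silently. `do_extract` starts and ends outside this hunk, so any later check on the extracted tree is not visible here.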