static void
obstack_code_rename (struct obstack *stk, char *from, char *to)
{
+ char *s;
+
+ s = from[0] == 0 ? from :
+ safer_name_suffix (from, false, absolute_names_option);
obstack_1grow (stk, 'R');
- obstack_grow (stk, from, strlen (from) + 1);
+ obstack_grow (stk, s, strlen (s) + 1);
+
+ s = to[0] == 0 ? to:
+ safer_name_suffix (to, false, absolute_names_option);
obstack_1grow (stk, 'T');
- obstack_grow (stk, to, strlen (to) + 1);
+ obstack_grow (stk, s, strlen (s) + 1);
}
static bool
arc += strlen (arc) + 1;
dst = arc + 1;
+ /* Ensure that neither source nor destination are absolute file
+ names (unless permitted by -P option), and that they do not
+ contain dubious parts (e.g. ../).
+
+ This is an extra safety precaution. Besides, it might be
+ necessary to extract from archives created with tar versions
+ prior to 1.19. */
+
+ if (*src)
+ src = safer_name_suffix (src, false, absolute_names_option);
+ if (*dst)
+ dst = safer_name_suffix (dst, false, absolute_names_option);
+
if (*src == 0)
src = temp_stub;
else if (*dst == 0)