From f2c232f10f984b6d796123cbf76ed3409f131511 Mon Sep 17 00:00:00 2001
From: Rasmus Thomsen <rasmus.thomsen@protonmail.com>
Date: Sat, 13 Oct 2018 12:45:53 +0200
Subject: [PATCH] libtar: fix CVE-2013-4420

also fix the homepage&license in the process
---
 srcpkgs/libtar/patches/CVE-2013-4420.patch | 113 +++++++++++++++++++++
 srcpkgs/libtar/template                    |   9 +-
 2 files changed, 118 insertions(+), 4 deletions(-)
 create mode 100644 srcpkgs/libtar/patches/CVE-2013-4420.patch

diff --git a/srcpkgs/libtar/patches/CVE-2013-4420.patch b/srcpkgs/libtar/patches/CVE-2013-4420.patch
new file mode 100644
index 00000000000..249d8415d07
--- /dev/null
+++ b/srcpkgs/libtar/patches/CVE-2013-4420.patch
@@ -0,0 +1,113 @@
+Author: Raphael Geissert <geissert@debian.org>
+Bug-Debian: https://bugs.debian.org/731860
+Description: Avoid directory traversal when extracting archives 
+ by skipping over leading slashes and any prefix containing ".." components.
+Forwarded: yes
+
+--- a/lib/decode.c
++++ b/lib/decode.c
+@@ -22,13 +22,42 @@
+ # include <string.h>
+ #endif
+ 
++char *
++safer_name_suffix (char const *file_name)
++{
++       char const *p, *t;
++       p = t = file_name;
++       while (*p == '/') t = ++p;
++       while (*p)
++       {
++               while (p[0] == '.' && p[0] == p[1] && p[2] == '/')
++               {
++                       p += 3;
++                       t = p;
++               }
++               /* advance pointer past the next slash */
++               while (*p && (p++)[0] != '/');
++       }
++
++       if (!*t)
++       {
++               t = ".";
++       }
++
++       if (t != file_name)
++       {
++               /* TODO: warn somehow that the path was modified */
++       }
++       return (char*)t;
++}
++
+ 
+ /* determine full path name */
+ char *
+ th_get_pathname(TAR *t)
+ {
+        if (t->th_buf.gnu_longname)
+-               return t->th_buf.gnu_longname;
++               return safer_name_suffix(t->th_buf.gnu_longname);
+ 
+        /* allocate the th_pathname buffer if not already */
+        if (t->th_pathname == NULL)
+@@ -51,7 +80,7 @@ th_get_pathname(TAR *t)
+        }
+ 
+        /* will be deallocated in tar_close() */
+-       return t->th_pathname;
++       return safer_name_suffix(t->th_pathname);
+ }
+ 
+ 
+--- a/lib/extract.c
++++ b/lib/extract.c
+@@ -298,14 +298,14 @@ tar_extract_hardlink(TAR * t, char *real
+        if (mkdirhier(dirname(filename)) == -1)
+                return -1;
+        libtar_hashptr_reset(&hp);
+-       if (libtar_hash_getkey(t->h, &hp, th_get_linkname(t),
++       if (libtar_hash_getkey(t->h, &hp, safer_name_suffix(th_get_linkname(t)),
+                               (libtar_matchfunc_t)libtar_str_match) != 0)
+        {
+                lnp = (char *)libtar_hashptr_data(&hp);
+                linktgt = &lnp[strlen(lnp) + 1];
+        }
+        else
+-               linktgt = th_get_linkname(t);
++               linktgt = safer_name_suffix(th_get_linkname(t));
+ 
+ #ifdef DEBUG
+        printf("  ==> extracting: %s (link to %s)\n", filename, linktgt);
+@@ -343,9 +343,9 @@ tar_extract_symlink(TAR *t, char *realna
+ 
+ #ifdef DEBUG
+        printf("  ==> extracting: %s (symlink to %s)\n",
+-              filename, th_get_linkname(t));
++              filename, safer_name_suffix(th_get_linkname(t)));
+ #endif
+-       if (symlink(th_get_linkname(t), filename) == -1)
++       if (symlink(safer_name_suffix(th_get_linkname(t)), filename) == -1)
+        {
+ #ifdef DEBUG
+                perror("symlink()");
+--- a/lib/internal.h
++++ b/lib/internal.h
+@@ -21,3 +21,4 @@
+ #define TLS_THREAD
+ #endif
+ 
++char* safer_name_suffix(char const*);
+--- a/lib/output.c
++++ b/lib/output.c
+@@ -123,9 +123,9 @@ th_print_long_ls(TAR *t)
+                else
+                        printf(" link to ");
+                if ((t->options & TAR_GNU) && t->th_buf.gnu_longlink != NULL)
+-                       printf("%s", t->th_buf.gnu_longlink);
++                       printf("%s", safer_name_suffix(t->th_buf.gnu_longlink));
+                else
+-                       printf("%.100s", t->th_buf.linkname);
++                       printf("%.100s", safer_name_suffix(t->th_buf.linkname));
+        }
+ 
+        putchar('\n');
diff --git a/srcpkgs/libtar/template b/srcpkgs/libtar/template
index 5dcc1e1ca2a..57767b22a9e 100644
--- a/srcpkgs/libtar/template
+++ b/srcpkgs/libtar/template
@@ -1,16 +1,17 @@
 # Template file for 'libtar'
 pkgname=libtar
 version=1.2.20
-revision=2
+revision=3
 wrksrc="$pkgname"
+patch_args="-Np1"
 build_style=gnu-configure
 hostmakedepends="automake libtool pkg-config"
 makedepends="zlib-devel"
 short_desc="C library for manipulating POSIX tar files"
 maintainer="Juan RP <xtraeme@voidlinux.eu>"
-license="BSD"
-homepage="http://www.feep.net/libtar/"
-distfiles="ftp://ftp.netbsd.org/pub/pkgsrc/distfiles/libtar-${version}.tar.gz"
+license="BSD-3-Clause"
+homepage="https://repo.or.cz/w/libtar.git"
+distfiles="https://ftp.netbsd.org/pub/pkgsrc/distfiles/libtar-${version}.tar.gz"
 checksum=43c5f50e6b4398c8be35d6f3abee26064c3f26174715b60004576792e3283353
 
 post_install() {