Without this, under various conditions, (including file_name being
a directory), maybe_backup_file would return true without having
done anything, nor having set after_backup_name. Then, if any
error was detected while extracting the member, (such as directory
already exists), the previously backed-up file would be restored,
potentially destroying user data.
This closes Debian bug #508199, with thanks to Eric Lammerts for
reporting it with a concise test case.
+tar (1.22-3) UNRELEASED; urgency=low
+
+ * Avoid incorrectly restoring old backup file, closes: #508199
+
+ -- Carl Worth <cworth@cworth.org> Tue, 04 Aug 2009 17:16:43 -0700
+
tar (1.22-2) unstable; urgency=low
* Add Carl Worth as an uploader.
tar (1.22-2) unstable; urgency=low
* Add Carl Worth as an uploader.
if (this_is_the_archive && _remdev (file_name))
return true;
if (this_is_the_archive && _remdev (file_name))
return true;
+ /* Ensure that no previously backed-up file remains in case we
+ * return early. */
+ assign_string (&after_backup_name, 0);
+
if (stat (file_name, &file_stat))
{
if (errno == ENOENT)
if (stat (file_name, &file_stat))
{
if (errno == ENOENT)