Bug#521613: perl-modules: Archive::Tar doesn't detect some bad tar files
Vincent Lefevre
vincent at vinc17.org
Sat Mar 28 22:55:11 UTC 2009
Package: perl-modules
Version: 5.10.0-19
Severity: important
[Severity set to important because of possible data loss due to
incorrect integrity checking.]
The following script (named tar-test below), that outputs file names
from tar files, doesn't detect some bad tar files.
------------------------------------------------------------------
#!/usr/bin/env perl
use strict;
use Archive::Tar;
my $tar = Archive::Tar->new;
defined $tar->read($ARGV[0]) or die "cannot read tar file\n";
my $err = $tar->error();
$err ne '' and die "$err\n";
foreach my $f ($tar->get_files)
{ print $f->name, "\n"; }
------------------------------------------------------------------
vin% cat bar
foo
vin% tar tf bar
tar: This does not look like a tar archive
tar: Error exit delayed from previous errors
vin% ./tar-test bar
vin%
The tar-test Perl script should have ended with an error (like the
tar utility).
-- System Information:
Debian Release: squeeze/sid
APT prefers oldstable
APT policy: (500, 'oldstable'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26.5-20080922 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=POSIX, LC_CTYPE=en_US.ISO8859-1 (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages perl-modules depends on:
ii perl 5.10.0-19 Larry Wall's Practical Extraction
perl-modules recommends no packages.
perl-modules suggests no packages.
-- no debconf information
More information about the Perl-maintainers
mailing list