From 552a18061460342af014e69c7cee26bb5bf358ef Mon Sep 17 00:00:00 2001
From: j-p-e-g <j-p-e-g@c06c8d41-db1a-0410-9941-cceddc491573>
Date: Sat, 25 Jul 2009 12:36:43 +0000
Subject: * Add support for packaging save files with tar. (Patch by Trent W.
 Buck.) * Fix random blink placing the player in dangerous clouds. * Fix
 message when trying to place Conjure Flame in a wax wall.

git-svn-id: https://crawl-ref.svn.sourceforge.net/svnroot/crawl-ref/trunk@10397 c06c8d41-db1a-0410-9941-cceddc491573
---
 crawl-ref/source/AppHdr.h | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

(limited to 'crawl-ref/source/AppHdr.h')

diff --git a/crawl-ref/source/AppHdr.h b/crawl-ref/source/AppHdr.h
index 3c91b2ef07..e1cbba9582 100644
--- a/crawl-ref/source/AppHdr.h
+++ b/crawl-ref/source/AppHdr.h
@@ -402,17 +402,38 @@
     //
     // PACKAGE_SUFFIX is used when the package file name is needed
     //
+
+/*
+    FIXME: Unless sanitized elsewhere in the codebase, a specially crafted
+           save directory or character name will allow arbitrary code execution
+           with escalated privileges (namely, with group "games").
+    FIXME: replace system(3) with fork(2) and execve(2).
+*/
+
     // Comment these lines out if you want to leave the save files uncompressed.
+    #define SAVE_PACKAGE_ZIP
+//     #define SAVE_PACKAGE_TAR
+
+#ifdef SAVE_PACKAGE_ZIP
+    #define PACKAGE_SUFFIX      ".zip"
     #define SAVE_PACKAGE_CMD    "/usr/bin/zip -m -q -j -1 %s.zip %s.*"
     #define LOAD_UNPACKAGE_CMD  "/usr/bin/unzip -q -o %s.zip -d %s"
+#else
+#ifdef SAVE_PACKAGE_TAR
+    #define PACKAGE_SUFFIX      ".tgz"
+
+    // The --absolute-names switch is only there to suppress noise on
+    // stdout. All the paths are removed later by --transform.
+    #define SAVE_PACKAGE_CMD "tar -zcf %s.tgz --remove-files --absolute-names --transform=s:.*/:: %s.*"
+    #define LOAD_UNPACKAGE_CMD "tar -zxf %s.tgz -C %s"
+#endif
+#endif
 
 #ifdef SAVE_PACKAGE_CMD
     // This is used to unpack specific files from the archive.
     #define UNPACK_SPECIFIC_FILE_CMD LOAD_UNPACKAGE_CMD " %s"
 #endif
 
-    #define PACKAGE_SUFFIX      ".zip"
-
     // This defines the chmod permissions for score and bones files.
     #define SHARED_FILES_CHMOD_PRIVATE  0664
     #define SHARED_FILES_CHMOD_PUBLIC   0664
-- 
cgit v1.2.3-54-g00ecf