# --- T2-COPYRIGHT-NOTE-BEGIN ---
# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
#
# T2 SDE: package/.../tar/CVE-2006-6097.patch
# Copyright (C) 2007 The T2 SDE Project
#
# More information can be found in the files COPYING and README.
#
# This patch file is dual-licensed. It is available under the license the
# patched project is licensed under, as long as it is an OpenSource license
# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
# of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
# --- T2-COPYRIGHT-NOTE-END ---
diff -Nur tar-1.15.1-orig/src/common.h tar-1.15.1/src/common.h
--- tar-1.15.1-orig/src/common.h 2004-12-21 14:31:58.000000000 +0000
+++ tar-1.15.1/src/common.h 2007-01-02 12:24:05.000000000 +0000
@@ -124,6 +124,9 @@
 GLOBAL bool absolute_names_option;
+/* Allow GNUTYPE_NAMES type? */
+GLOBAL bool allow_name_mangling_option;
+
 /* Display file times in UTC */
 GLOBAL bool utc_option;
diff -Nur tar-1.15.1-orig/src/extract.c tar-1.15.1/src/extract.c
--- tar-1.15.1-orig/src/extract.c 2004-12-21 09:55:12.000000000 +0000
+++ tar-1.15.1/src/extract.c 2007-01-02 12:24:05.000000000 +0000
@@ -1101,7 +1101,13 @@
 break;
 case GNUTYPE_NAMES:
- extract_mangle ();
+ if (allow_name_mangling_option) {
+ extract_mangle ();
+ }
+ else {
+ ERROR ((0, 0, _("GNUTYPE_NAMES mangling ignored")));
+ skip_member ();
+ }
 break;
 case GNUTYPE_MULTIVOL:
diff -Nur tar-1.15.1-orig/src/tar.c tar-1.15.1/src/tar.c
--- tar-1.15.1-orig/src/tar.c 2004-12-21 14:11:26.000000000 +0000
+++ tar-1.15.1/src/tar.c 2007-01-02 12:24:05.000000000 +0000
@@ -181,6 +181,7 @@
 enum {
 ANCHORED_OPTION = CHAR_MAX + 1,
+ ALLOW_NAME_MANGLING_OPTION,
 ATIME_PRESERVE_OPTION,
 BACKUP_OPTION,
 CHECKPOINT_OPTION,
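Review bot: The comment on `allow_name_mangling_option` in the src/common.h hunk does not say what the default is or why the switch exists. Within this patch the flag is only read by the `case GNUTYPE_NAMES:` branch in src/extract.c and only set by the new command-line case in src/tar.c, so it presumably starts out false like the neighbouring GLOBAL flags. I would record that at the declaration, e.g. `/* Process GNUTYPE_NAMES members when extracting; off unless --allow-name-mangling is given (CVE-2006-6097). */`.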
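Review bot: The diagnostic in the new `else` branch of `case GNUTYPE_NAMES:` in src/extract.c does not name the archive member that was skipped, so someone triaging a failed extraction cannot tell which entry carried the name-mangling record. Naming the member would fix that, e.g. `ERROR ((0, 0, _("%s: GNUTYPE_NAMES mangling ignored"), quotearg_colon (current_stat_info.file_name)));`, assuming `current_stat_info` is already populated at this point in the switch. `ERROR` rather than `WARN` presumably makes the run exit non-zero, which suits a rejected record but deserves a short comment saying it is intended. The enclosing switch and function start and end outside the hunk.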
@@ -528,6 +529,8 @@
 {NULL, 'o', 0, 0, N_("when creating, same as --old-archive. When extracting, same as --no-same-owner"), 91 },
+ {"allow-name-mangling", ALLOW_NAME_MANGLING_OPTION, 0, 0,
+ N_("when creating, allow GNUTYPE_NAMES mangling -- considered dangerous"), 91 },
 {NULL, 0, NULL, 0, N_("Other options:"), 100 },
@@ -913,6 +916,10 @@
 case 'Z':
 set_use_compress_program_option ("compress");
 break;
+
+ case ALLOW_NAME_MANGLING_OPTION:
+ allow_name_mangling_option = true;
+ break;
 case ANCHORED_OPTION:
 args->exclude_options |= EXCLUDE_ANCHORED;
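Review bot: The help string added for `--allow-name-mangling` in the src/tar.c option table says "when creating", but the only place this patch reads `allow_name_mangling_option` is the extraction switch in src/extract.c. As written, `--help` tells users the flag affects archive creation and hides that it re-enables, on extraction, the record type the patch otherwise skips. Suggested wording: `N_("when extracting, process GNUTYPE_NAMES name-mangling members -- considered dangerous"), 91 },`. The option table starts and ends outside the hunk.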