Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve support for safe symlink extraction #763

Closed
wants to merge 7 commits into from
Closed

Improve support for safe symlink extraction #763

wants to merge 7 commits into from

Commits on Feb 13, 2024

  1. Rewrite symlink sanitization logic 

    We can rewrite symlinks to ensure they are always relative
and remain within the extraction directory.
    @qkaiser
    Andrew Fasano authored and qkaiser committed Feb 13, 2024
    Configuration menu
    Copy the full SHA
    096b64c View commit details
    Browse the repository at this point in the history

  2. Bugfix: Symlink destination is influenced by source path

    @qkaiser
    Andrew Fasano authored and qkaiser committed Feb 13, 2024
    Configuration menu
    Copy the full SHA
    678d97d View commit details
    Browse the repository at this point in the history

  3. Bugfixes for backwards symlink creation and backwards CPIO extractor … 

    …symlink creation
    @qkaiser
    Andrew Fasano authored and qkaiser committed Feb 13, 2024
    Configuration menu
    Copy the full SHA
    3d7e848 View commit details
    Browse the repository at this point in the history

  4. Bugfix in create_symlink: convert destination, not source to relative… 

    … paths
    @qkaiser
    Andrew Fasano authored and qkaiser committed Feb 13, 2024
    Configuration menu
    Copy the full SHA
    400df8c View commit details
    Browse the repository at this point in the history

  5. Bugfix: Check symlink safety relative to link name in tarfile extraction

    @qkaiser
    Andrew Fasano authored and qkaiser committed Feb 13, 2024
    Configuration menu
    Copy the full SHA
    e734195 View commit details
    Browse the repository at this point in the history

  6. Bugfix: for absolute links in tarfile extraction 

    Explicitly use extract_root in output path instead of ./ to avoid
issues with symlinks within directories.
    @qkaiser
    Andrew Fasano authored and qkaiser committed Feb 13, 2024
    Configuration menu
    Copy the full SHA
    dfdf3e3 View commit details
    Browse the repository at this point in the history

  7. Safe_tarfile: make paths safe during extraction

    @qkaiser
    Andrew Fasano authored and qkaiser committed Feb 13, 2024
    Configuration menu
    Copy the full SHA
    1b98609 View commit details
    Browse the repository at this point in the history