rpms / file-roller

Clone
Source Code
GIT

Blame SOURCES/file-roller-3.28.1-CVE-2019-16680.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s
  1.   c8
  2.   SOURCES
  3.   file-roller-3.28.1-CVE-2019-16680.patch
Blob History Raw
9c940f 
From 57268e51e59b61c9e3125eb0f65551c7084297e2 Mon Sep 17 00:00:00 2001
9c940f 
From: Paolo Bacchilega <paobac@src.gnome.org>
9c940f 
Date: Mon, 27 Aug 2018 15:15:42 +0200
9c940f 
Subject: [PATCH] Path traversal vulnerability
9c940f
9c940f 
Do not extract files with relative paths.
9c940f
9c940f 
[bug #794337]
9c940f 
---
9c940f 
 src/glib-utils.c | 2 +-
9c940f 
 1 file changed, 1 insertion(+), 1 deletion(-)
9c940f
9c940f 
diff --git a/src/glib-utils.c b/src/glib-utils.c
9c940f 
index 6d345243..c3901410 100644
9c940f 
--- a/src/glib-utils.c
9c940f 
+++ b/src/glib-utils.c
9c940f 
@@ -1079,7 +1079,7 @@ sanitize_filename (const char *file_name)
9c940f 
 	prefix_len = 0;
9c940f 
 	for (p = file_name; *p; ) {
9c940f 
 		if (ISDOT (p[0]) && ISDOT (p[1]) && (ISSLASH (p[2]) || !p[2]))
9c940f 
-			prefix_len = p + 2 - file_name;
9c940f 
+			return NULL;
9c940f
9c940f 
 		do {
9c940f 
 			char c = *p++;
9c940f 
--
9c940f 
2.26.2
9c940f

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation