Blame SOURCES/file-roller-3.28.1-CVE-2019-16680.patch

From 57268e51e59b61c9e3125eb0f65551c7084297e2 Mon Sep 17 00:00:00 2001
From: Paolo Bacchilega <paobac@src.gnome.org>
Date: Mon, 27 Aug 2018 15:15:42 +0200
Subject: [PATCH] Path traversal vulnerability
Do not extract files with relative paths.
[bug #794337]
---
 src/glib-utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/glib-utils.c b/src/glib-utils.c
index 6d345243..c3901410 100644
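--- a/src/glib-utils.c
+++ b/src/glib-utils.c
@@ -1079,7 +1079,7 @@ sanitize_filename (const char *file_name)
 	prefix_len = 0;
 	for (p = file_name; *p; ) {
 		if (ISDOT (p[0]) && ISDOT (p[1]) && (ISSLASH (p[2]) || !p[2]))
-			prefix_len = p + 2 - file_name;
+			return NULL;
 
 		do {
 			char c = *p++;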
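Review bot: The new `return NULL;` gives sanitize_filename a failure result on a path that previously only adjusted `prefix_len`, and nothing in the hunk documents that or shows that callers test for it. Since the callers are outside this hunk, each should be checked to confirm it treats NULL as "skip this archive entry" rather than dereferencing it or falling back to the unsanitized name. I would add a comment above the return, e.g. `/* a ".." component would escape the destination directory: reject the entry */`, and note the NULL return in the function's header comment. With this branch gone, `prefix_len` appears to keep its initial value of 0 unless code outside the hunk assigns it, so the variable and whatever skips the prefix later may now be dead. The function body starts and ends outside the hunk.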
-- 
2.26.2