ark/backport-CVE-2024-57966.patch
2025-02-05 12:56:48 +08:00


From fe518d81b338941e0bf1c5ce5e75a9ab6de4bb58 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fabian@ritter-vogt.de>
Date: Thu, 7 Nov 2024 14:47:26 +0100
Subject: [PATCH] Treat absolute paths as relative paths during extraction
Tell libarchive to use the path for extraction that Ark uses internally.
In addition, set the ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS flag so that
absolute paths cannot be used by accident.
(cherry picked from commit cc9ea9e89c1c679d398809e94f1217b1f73c4b48)
---
plugins/libarchive/libarchiveplugin.cpp | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/plugins/libarchive/libarchiveplugin.cpp b/plugins/libarchive/libarchiveplugin.cpp
index 8d489f58f..9b47bae8c 100644
--- a/plugins/libarchive/libarchiveplugin.cpp
+++ b/plugins/libarchive/libarchiveplugin.cpp
@@ -307,6 +307,11 @@
entryName.remove(0, 1);
}
+ // If this ends up empty (e.g. from // or ./), convert to ".".
+ if (entryName.isEmpty()) {
+ entryName = QStringLiteral(".");
+ }
+
// Should the entry be extracted?
if (extractAll ||
remainingFiles.contains(entryName) ||
@@ -321,10 +326,12 @@
continue;
}
- // entryFI is the fileinfo pointing to where the file will be
+ // Make sure libarchive uses the same path as we expect, based on transformations and renames,
+ qCDebug(ARK) << "setting path to " << entryName;
+ archive_entry_copy_pathname(entry, QFile::encodeName(entryName).constData());
+ // entryFI is the fileinfo pointing to where the file will be
// written from the archive.
QFileInfo entryFI(entryName);
- //qCDebug(ARK) << "setting path to " << archive_entry_pathname( entry );
if (isSingleFile && fileBeingRenamed.isEmpty()) {
// Rename extracted file from libarchive-internal "data" name to the archive uncompressed name.
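Review bot: The comment added above `archive_entry_copy_pathname(...)` ends on a trailing comma and never states why the entry path is overridden, which is the security-relevant part of this hunk. Something like `// Make libarchive extract to the path Ark computed (after its own transformations and renames), not the raw path stored in the archive.` would record that intent. The re-enabled `qCDebug(ARK)` line now runs once per extracted entry and logs an archive-controlled name, so it may be worth keeping the message short or dropping it if the debug category is commonly enabled. The surrounding extraction loop starts and ends outside the hunk, so whether the `isSingleFile` rename branch below sets the pathname again cannot be checked from here.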
@@ -568,6 +575,7 @@
int LibarchivePlugin::extractionFlags() const
{
return ARCHIVE_EXTRACT_TIME
+ | ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS
| ARCHIVE_EXTRACT_SECURE_NODOTDOT
| ARCHIVE_EXTRACT_SECURE_SYMLINKS;
}
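Review bot: `extractionFlags()` gains `ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS` with no comment saying it is a backstop rather than the primary defence; the primary fix is the pathname rewrite in the extraction loop. A comment above the return such as `// Backstop: entry paths are rewritten to relative before extraction; this makes libarchive refuse any absolute path that still reaches it.` would keep a later cleanup from removing the flag as redundant. With the flag set, an absolute path should make libarchive fail that entry instead of writing it, and the handling of that failure is outside this hunk, so it is worth confirming the error is reported to the user rather than silently skipped.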