Commit 997aa99e authored by Timo Teräs's avatar Timo Teräs

do not extract files with malicious name

the security implications are not as high as compared to regular
tar/unzip archiver. this is because you are anyway trusting
the package to install files anywhere in the filesystem.

this serves rather as a sanity to check against errors in created
package.
parent c4960a1a
......@@ -2258,8 +2258,21 @@ static int apk_db_install_archive_entry(void *_ctx,
if (r <= 0)
return r;
/* Package metainfo and script processing */
r = 0;
/* Sanity check the file name */
if (ae->name[0] == '/' ||
strncmp(ae->name, "/./"+1, 3) == 0 ||
strncmp(ae->name, "/../"+1, 3) == 0 ||
strstr(ae->name, "/./") ||
strstr(ae->name, "/../")) {
apk_warning(PKG_VER_FMT": ignoring malicious file %s",
PKG_VER_PRINTF(pkg), ae->name);
ipkg->broken_files = 1;
return 0;
}
/* Package metainfo and script processing */
if (ae->name[0] == '.') {
/* APK 2.0 format */
if (strcmp(ae->name, ".PKGINFO") == 0) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment