diff options
| author | Simon Gomizelj <simongmzlj@gmail.com> | 2013-05-22 00:43:11 -0400 | 
|---|---|---|
| committer | Allan McRae <allan@archlinux.org> | 2013-06-04 13:45:12 +1000 | 
| commit | dd62fde53ec00f1b08d312951b919e15050efe86 (patch) | |
| tree | f0e2376a933734276a74b7445687bfba724aef08 /src/util | |
| parent | fe794ccb25d3ab1f7c07331b437b61c30c08a018 (diff) | |
validate %FILEPATH% when parsing repo dbs
Currently we make no effort to validate the %FILENAME% field in the
repo db. This allows for relative paths to be considered valid.
A carefully crafted db entry with a malicious relative path,
(e.g. `../../../../etc/passwd`) will cause pacman to to
overwrite _any_ file on the target's machine.
Add the following validation:
- doesn't start with '.'
- doesn't contain a '/'
- won't overflow PATH_MAX
Signed-off-by: Simon Gomizelj <simongmzlj@gmail.com>
Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'src/util')
0 files changed, 0 insertions, 0 deletions
