Review Request 122733: Fix path traversal checks in KPackage
Alex Richardson
arichardson.kde at gmail.com
Thu Feb 26 19:34:42 UTC 2015
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/122733/
-----------------------------------------------------------
Review request for KDE Frameworks, Plasma and Marco Martin.
Repository: kpackage
Description
-------
They did not canonicalize the package base directory path so it would
always fail when the package base path contained symlinks
Diffs
-----
src/kpackage/package.cpp eb4a09b987970e89f28587426b21d63731634087
src/kpackage/private/package_p.h e451412fa02c88113aa4c7bbca2dcda3432b2b02
Diff: https://git.reviewboard.kde.org/r/122733/diff/
Testing
-------
Files inside the package are now found although the install location contains a symlink
Thanks,
Alex Richardson
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20150226/9dbd4f8c/attachment.html>
More information about the Kde-frameworks-devel
mailing list