Review Request 122733: Fix path traversal checks in KPackage

Alex Richardson arichardson.kde at gmail.com
Thu Feb 26 19:34:42 UTC 2015


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/122733/
-----------------------------------------------------------

Review request for KDE Frameworks, Plasma and Marco Martin.


Repository: kpackage


Description
-------

They did not canonicalize the package base directory path so it would
always fail when the package base path contained symlinks


Diffs
-----

  src/kpackage/package.cpp eb4a09b987970e89f28587426b21d63731634087 
  src/kpackage/private/package_p.h e451412fa02c88113aa4c7bbca2dcda3432b2b02 

Diff: https://git.reviewboard.kde.org/r/122733/diff/


Testing
-------

Files inside the package are now found although the install location contains a symlink


Thanks,

Alex Richardson

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20150226/9dbd4f8c/attachment.html>


More information about the Kde-frameworks-devel mailing list