Review Request 122733: Fix path traversal checks in KPackage
Alex Richardson
arichardson.kde at gmail.com
Tue Mar 3 17:53:46 UTC 2015
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/122733/
-----------------------------------------------------------
(Updated March 3, 2015, 5:53 p.m.)
Status
------
This change has been marked as submitted.
Review request for KDE Frameworks, Plasma and Marco Martin.
Repository: kpackage
Description
-------
They did not canonicalize the package base directory path so it would
always fail when the package base path contained symlinks
Diffs
-----
src/kpackage/package.cpp eb4a09b987970e89f28587426b21d63731634087
src/kpackage/private/package_p.h e451412fa02c88113aa4c7bbca2dcda3432b2b02
Diff: https://git.reviewboard.kde.org/r/122733/diff/
Testing
-------
Files inside the package are now found although the install location contains a symlink
Thanks,
Alex Richardson
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20150303/ce4a93b1/attachment-0001.html>
More information about the Kde-frameworks-devel
mailing list