Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:GA
file-roller.12870
file-roller-CVE-2019-16680.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File file-roller-CVE-2019-16680.patch of Package file-roller.12870
From 57268e51e59b61c9e3125eb0f65551c7084297e2 Mon Sep 17 00:00:00 2001 From: Paolo Bacchilega <paobac@src.gnome.org> Date: Mon, 27 Aug 2018 15:15:42 +0200 Subject: [PATCH] Path traversal vulnerability Do not extract files with relative paths. [bug #794337] --- src/glib-utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/glib-utils.c b/src/glib-utils.c index 6d345243..c3901410 100644 --- a/src/glib-utils.c +++ b/src/glib-utils.c @@ -1079,7 +1079,7 @@ sanitize_filename (const char *file_name) prefix_len = 0; for (p = file_name; *p; ) { if (ISDOT (p[0]) && ISDOT (p[1]) && (ISSLASH (p[2]) || !p[2])) - prefix_len = p + 2 - file_name; + return NULL; do { char c = *p++; -- 2.22.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor