Commit 8bf8c5ef authored by Fabian Vogt's avatar Fabian Vogt Committed by Albert Astals Cid

Pass the ARCHIVE_EXTRACT_SECURE_SYMLINKS flag to libarchive

There are archive types which allow to first create a symlink and then
later on dereference it. If the symlink points outside of the archive,
this results in writing outside of the destination directory.

With the ARCHIVE_EXTRACT_SECURE_SYMLINKS option set, libarchive avoids
this situation by verifying that none of the target path components are
symlinks before writing.

Remove the commented out code in the method, which would actually
misbehave if enabled again.
Signed-off-by: Fabian Vogt's avatarFabian Vogt <fabian@ritter-vogt.de>
parent ddd3641e
...@@ -509,21 +509,9 @@ void LibarchivePlugin::emitEntryFromArchiveEntry(struct archive_entry *aentry) ...@@ -509,21 +509,9 @@ void LibarchivePlugin::emitEntryFromArchiveEntry(struct archive_entry *aentry)
int LibarchivePlugin::extractionFlags() const int LibarchivePlugin::extractionFlags() const
{ {
int result = ARCHIVE_EXTRACT_TIME; return ARCHIVE_EXTRACT_TIME
result |= ARCHIVE_EXTRACT_SECURE_NODOTDOT; | ARCHIVE_EXTRACT_SECURE_NODOTDOT
| ARCHIVE_EXTRACT_SECURE_SYMLINKS;
// TODO: Don't use arksettings here
/*if ( ArkSettings::preservePerms() )
{
result &= ARCHIVE_EXTRACT_PERM;
}
if ( !ArkSettings::extractOverwrite() )
{
result &= ARCHIVE_EXTRACT_NO_OVERWRITE;
}*/
return result;
} }
void LibarchivePlugin::copyData(const QString& filename, struct archive *dest, bool partialprogress) void LibarchivePlugin::copyData(const QString& filename, struct archive *dest, bool partialprogress)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment