forked from sig_core/toolkit
CVE fix for 'safe extract' tar is covered by filter
This commit is contained in:
parent
8ce5f69772
commit
e2ae0f8630
@ -1214,6 +1214,8 @@ class Shared:
|
|||||||
def tar_is_within_directory(directory, target):
|
def tar_is_within_directory(directory, target):
|
||||||
"""
|
"""
|
||||||
CVE-2007-4559
|
CVE-2007-4559
|
||||||
|
|
||||||
|
Function is obsolete. Will be removed in a future version.
|
||||||
"""
|
"""
|
||||||
abs_directory = os.path.abspath(directory)
|
abs_directory = os.path.abspath(directory)
|
||||||
abs_target = os.path.abspath(target)
|
abs_target = os.path.abspath(target)
|
||||||
@ -1223,19 +1225,14 @@ class Shared:
|
|||||||
@staticmethod
|
@staticmethod
|
||||||
def tar_safe_extractall(tar,
|
def tar_safe_extractall(tar,
|
||||||
path=".",
|
path=".",
|
||||||
members=None,
|
|
||||||
*,
|
*,
|
||||||
numeric_owner=False
|
numeric_owner=False
|
||||||
):
|
):
|
||||||
"""
|
"""
|
||||||
CVE-2007-4559
|
CVE-2007-4559 is addressed by setting filter='tar'. This function will
|
||||||
|
remain here to reduce changes to utilities.
|
||||||
"""
|
"""
|
||||||
for member in tar.getmembers():
|
tar.extractall(path=path, numeric_owner=numeric_owner, filter='tar')
|
||||||
member_path = os.path.join(path, member.name)
|
|
||||||
if not Shared.tar_is_within_directory(path, member_path):
|
|
||||||
raise Exception("Path traversal attempted in tar file")
|
|
||||||
|
|
||||||
tar.extractall(path=path, members=members, numeric_owner=numeric_owner)
|
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def dnf_sync(repo, sync_root, work_root, arch, logger):
|
def dnf_sync(repo, sync_root, work_root, arch, logger):
|
||||||
|
Loading…
Reference in New Issue
Block a user