This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch master in repository dpkg.
View the commit online: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=959c1dbdff41eba3fe108f148b70e4e95cf3113c commit 959c1dbdff41eba3fe108f148b70e4e95cf3113c Author: Guillem Jover <[email protected]> AuthorDate: Fri Jul 3 07:11:25 2020 +0200 Dpkg::Path: Do not consider missing symlink targets a directory traversal Closes: #964234 --- debian/changelog | 2 ++ scripts/Dpkg/Path.pm | 3 +++ 2 files changed, 5 insertions(+) diff --git a/debian/changelog b/debian/changelog index 7484c7106..a0394941c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -14,6 +14,8 @@ dpkg (1.20.4) UNRELEASED; urgency=medium expect a trailing slash after the base directory name. - Dpkg::Path: Catch uncanonicanizable pathnames with a proper error. Closes: #964111 + - Dpkg::Path: Do not consider missing symlink targets a directory + traversal attempt. Closes: #964234 * Build system: - Add Module::Signature as configure recommends for CPAN. * Test suite: diff --git a/scripts/Dpkg/Path.pm b/scripts/Dpkg/Path.pm index 4b555b9b8..b44857964 100644 --- a/scripts/Dpkg/Path.pm +++ b/scripts/Dpkg/Path.pm @@ -34,6 +34,7 @@ our @EXPORT_OK = qw( ); use Exporter qw(import); +use Errno qw(ENOENT); use File::Spec; use File::Find; use Cwd qw(realpath); @@ -220,6 +221,8 @@ sub check_directory_traversal { my $check_symlinks = sub { my $canon_pathname = realpath($_); if (not defined $canon_pathname) { + return if $! == ENOENT; + syserr(g_("pathname '%s' cannot be canonicalized"), $_); } return if $canon_pathname =~ m{^\Q$canon_basedir/\E}; -- Dpkg.Org's dpkg
