This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch master in repository dpkg.
View the commit online: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=64f3d6dd7d39a4bf09768ba9c96981562d60117c
commit 64f3d6dd7d39a4bf09768ba9c96981562d60117c
Author: Guillem Jover <[email protected]>
AuthorDate: Fri Jul 3 07:11:25 2020 +0200
Dpkg::Path: Do not do partial matches for directory traversal checks
We need to match against the directory name and not just its prefix, so we have to expect a trailing slash after the base directory name.
---
 debian/changelog | 2 ++
 scripts/Dpkg/Path.pm | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/debian/changelog b/debian/changelog
index 76d6d8dee..ece05ebd2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -10,6 +10,8 @@ dpkg (1.20.4) UNRELEASED; urgency=medium
 directory, except for the trustkeys.db file if present.
 - Dpkg::Path: Refactor new check_directory_traversal() function out of
 Dpkg::Source::Package->extract().
+ - Dpkg::Path: Do not do partial matches for directory traversal checks,
+ expect a trailing slash after the base directory name.
 * Build system:
 - Add Module::Signature as configure recommends for CPAN.
 * Test suite:
diff --git a/scripts/Dpkg/Path.pm b/scripts/Dpkg/Path.pm
index 1fc7cc786..240b328f6 100644
--- a/scripts/Dpkg/Path.pm
+++ b/scripts/Dpkg/Path.pm
@@ -219,7 +219,7 @@ sub check_directory_traversal {
 my $canon_basedir = realpath($basedir);
 my $check_symlinks = sub {
 my $canon_pathname = realpath($_);
- return if $canon_pathname =~ m/^\Q$canon_basedir\E/;
+ return if $canon_pathname =~ m{^\Q$canon_basedir/\E};
 error(g_("pathname '%s' points outside source root (to '%s')"),
 $_, $canon_pathname);
--
Dpkg.Org's dpkg
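Review bot: The new pattern `m{^\Q$canon_basedir/\E}` in the Path.pm hunk correctly stops `/srv/src` from matching `/srv/src-evil`, but it also stops matching when `$canon_pathname` is exactly `$canon_basedir` (no trailing slash), so a symlink that resolves to the source root itself — or the root entry, if `find` passes it to this callback — is now reported as pointing outside the source root. Keeping the fix without that regression is one extra line before the regex: `return if $canon_pathname eq $canon_basedir;`. Separately, if `realpath($_)` returns undef (as Cwd's does for a dangling symlink), the match runs against undef, falls through, and `error()` is called with an undefined `%s`; the sub should handle an undefined `$canon_pathname` explicitly rather than relying on that fall-through. The enclosing `check_directory_traversal` starts before and continues past the hunk, so I cannot see how `$dir` relates to `$basedir` at the call site.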

