This is an automated email from the git hooks/post-receive script.

guillem pushed a commit to branch main
in repository dpkg.

View the commit online:
https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=e7bafa8d18eb63a77328a09236252ca13befe5a8

The following commit(s) were added to refs/heads/main by this push:
     new e7bafa8d1 Dpkg::Path: Resolve /dev/null before comparing canonicalized 
pathnames
e7bafa8d1 is described below

commit e7bafa8d18eb63a77328a09236252ca13befe5a8 (HEAD -> main)
Author: Guillem Jover <[email protected]>
AuthorDate: Wed Mar 16 19:32:39 2022 +0100

    Dpkg::Path: Resolve /dev/null before comparing canonicalized pathnames
    
    On Solaris /dev/null points to something like «/devices/pseudo/mm@0:null»,
    as seen on the CPAN test systems. Resolving /dev/null, before comparing
    the pathname on directory traversal attempts should make this work.
---
 scripts/Dpkg/Path.pm | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/scripts/Dpkg/Path.pm b/scripts/Dpkg/Path.pm
index 6cde2c382..e9dff5cf3 100644
--- a/scripts/Dpkg/Path.pm
+++ b/scripts/Dpkg/Path.pm
@@ -220,6 +220,8 @@ sub check_directory_traversal {
     my ($basedir, $dir) = @_;
 
     my $canon_basedir = realpath($basedir);
+    # On Solaris /dev/null points to /devices/pseudo/mm@0:null.
+    my $canon_devnull = realpath('/dev/null');
     my $check_symlinks = sub {
         my $canon_pathname = realpath($_);
         if (not defined $canon_pathname) {
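Review bot: The result of `realpath('/dev/null')` on the added line is used unchecked, although the closure already guards `realpath($_)` against undef two lines below. If /dev/null cannot be resolved (a minimal chroot or container without the device node, for instance), `$canon_devnull` is undef. The comparison in the second hunk would then emit an "uninitialized value" warning for every pathname visited, and the exemption would silently stop matching. That fails closed, but the resulting traversal errors would be hard to diagnose. I would guard the comparison, `return if defined $canon_devnull and $canon_pathname eq $canon_devnull;`, or fall back to the literal path when resolution fails. It would also help to extend the comment to say that the exemption now follows whatever the host's /dev/null resolves to. check_directory_traversal begins and ends outside both hunks, so the handling of `$canon_basedir` could not be checked from here.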
@@ -227,7 +229,7 @@ sub check_directory_traversal {
 
             syserr(g_("pathname '%s' cannot be canonicalized"), $_);
         }
-        return if $canon_pathname eq '/dev/null';
+        return if $canon_pathname eq $canon_devnull;
         return if $canon_pathname eq $canon_basedir;
         return if $canon_pathname =~ m{^\Q$canon_basedir/\E};
 

-- 
Dpkg.Org's dpkg
