
fix security issue (bsc#1122675) no / in filename

This checks whether the filename of a downloaded file has
been modified (for example by a MITM attack) to contain
slashes. A slash in the name could mean that the file is
compromised and that the attacker is trying to overwrite system files.
This commit is contained in:
lethliel 2020-05-27 09:40:16 +02:00
parent 3967133022
commit a79c54418b


@ -179,8 +179,11 @@ class Fetcher:
print('Unsupported file type: ', tmpfile, file=sys.stderr) print('Unsupported file type: ', tmpfile, file=sys.stderr)
sys.exit(1) sys.exit(1)
canonname = pac_obj.binary canonname = pac_obj.binary
decoded_canonname = decode_it(canonname)
if b'/' in canonname or '/' in decoded_canonname:
raise oscerr.OscIOError(None, 'canonname contains a slash')
fullfilename = os.path.join(destdir, decode_it(canonname)) fullfilename = os.path.join(destdir, decoded_canonname)
if pac_obj is not None: if pac_obj is not None:
pac_obj.canonname = canonname pac_obj.canonname = canonname
pac_obj.fullfilename = fullfilename pac_obj.fullfilename = fullfilename