mirror of
https://github.com/vim/vim.git
synced 2025-12-10 18:46:57 -05:00
patch 9.1.1552: [security]: path traversal issue in tar.vim
Problem: [security]: path traversal issue in tar.vim
(@ax)
Solution: warn the user for such things, drop leading /, don't
forcefully overwrite files when writing temporary files,
refactor autoload/tar.vim
tar.vim: drop leading / in path names
A tar archive containing files with leading `/` may cause confusions as
to where the content is extracted. Let's make sure we drop the leading
`/` and use a relative path instead.
Also while at it, had to refactor it quite a bit and increase the
minimum supported Vim version to v9. Also add a test for some basic tar
functionality
closes: #17733
This commit is contained in:
Christian Brabandt
2
Filelist
2
Filelist
@ -213,7 +213,9 @@ SRC_ALL = \
|
||||
src/testdir/samples/*.txt \
|
||||
src/testdir/samples/*.vim \
|
||||
src/testdir/samples/evil.zip \
|
||||
src/testdir/samples/evil.tar \
|
||||
src/testdir/samples/poc.zip \
|
||||
src/testdir/samples/sample.tar \
|
||||
src/testdir/samples/test.zip \
|
||||
src/testdir/samples/test000 \
|
||||
src/testdir/samples/test_undo.txt.undo \
|
||||
|
||||
Reference in New Issue
Block a user