wallenstein/void-packages
1
0
Fork 0
mirror of https://github.com/void-linux/void-packages.git synced 2025-06-07 15:43:49 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

ark: update to 20.08.0.

Browse source
This commit is contained in:
John 2020-08-13 20:14:44 +02:00
parent 46794cf3e8
commit bbde9aeeaf
3 changed files with 3 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
srcpkgs/ark/patches/0df592524fed305d6fbe74ddf8a196bc9ffdb92f.patch
View file

@ -1,46 +0,0 @@
From 0df592524fed305d6fbe74ddf8a196bc9ffdb92f Mon Sep 17 00:00:00 2001
From: Elvis Angelaccio <elvis.angelaccio@kde.org>
Date: Wed, 29 Jul 2020 23:45:30 +0200
Subject: [PATCH] Fix vulnerability to path traversal attacks
Ark was vulnerable to directory traversal attacks because of
missing validation of file paths in the archive.
More details about this attack are available at:
https://github.com/snyk/zip-slip-vulnerability
Job::onEntry() is the only place where we can safely check the path of
every entry in the archive. There shouldn't be a valid reason
to have a "../" in an archive path, so we can just play safe and abort
the LoadJob if we detect such an entry. This makes impossibile to
extract this kind of malicious archives and perform the attack.
Thanks to Albert Astals Cid for suggesting to use QDir::cleanPath()
so that we can still allow loading of legitimate archives that
contain "../" in their paths but still resolve inside the extraction folder.
---
kerfuffle/jobs.cpp | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/kerfuffle/jobs.cpp b/kerfuffle/jobs.cpp
index fdaa48695..f73b56f86 100644
--- a/kerfuffle/jobs.cpp
+++ b/kerfuffle/jobs.cpp
@@ -180,6 +180,14 @@ void Job::onError(const QString & message, const QString & details)
void Job::onEntry(Archive::Entry *entry)
{
+ const QString entryFullPath = entry->fullPath();
+ if (QDir::cleanPath(entryFullPath).contains(QLatin1String("../"))) {
+ qCWarning(ARK) << "Possibly malicious archive. Detected entry that could lead to a directory traversal attack:" << entryFullPath;
+ onError(i18n("Could not load the archive because it contains ill-formed entries and might be a malicious archive."), QString());
+ onFinished(false);
+ return;
+ }
+
emit newEntry(entry);
}
--
GitLab

1
srcpkgs/ark/patches/0df592524fed305d6fbe74ddf8a196bc9ffdb92f.patch.args
View file

@ -1 +0,0 @@
-Np1

6
srcpkgs/ark/template
View file

@ -1,7 +1,7 @@
# Template file for 'ark' # Template file for 'ark'
pkgname=ark pkgname=ark
version=20.04.3 version=20.08.0
revision=2 revision=1
build_style=cmake build_style=cmake
hostmakedepends="extra-cmake-modules qt5-devel qt5-qmake hostmakedepends="extra-cmake-modules qt5-devel qt5-qmake
kdoctools kconfig gettext pkg-config" kdoctools kconfig gettext pkg-config"
@ -11,7 +11,7 @@ maintainer="John <me@johnnynator.dev>"
license="GPL-2.0-or-later" license="GPL-2.0-or-later"
homepage="https://kde.org/applications/en/utilities/org.kde.ark" homepage="https://kde.org/applications/en/utilities/org.kde.ark"
distfiles="${KDE_SITE}/release-service/${version}/src/${pkgname}-${version}.tar.xz" distfiles="${KDE_SITE}/release-service/${version}/src/${pkgname}-${version}.tar.xz"
checksum=e7251b0b6f12291ffbaa328bf7f8e101ebeef6fd110dabbcf76d8ad7cfd305bc checksum=7627ffa17466d31dfdedabaa07b491ce14b46041d04f8b20316a0fa731fab098
if [ "$CROSS_BUILD" ]; then if [ "$CROSS_BUILD" ]; then
hostmakedepends+=" python3 kcoreaddons kparts" hostmakedepends+=" python3 kcoreaddons kparts"