Skip to content
This repository has been archived by the owner. It is now read-only.

Fix various minor issues found by LGTM #925

Merged
merged 2 commits into from Apr 28, 2019
Merged

Fix various minor issues found by LGTM #925

merged 2 commits into from Apr 28, 2019

Conversation

@jvoisin
Copy link
Contributor

@jvoisin jvoisin commented Mar 26, 2019

  • Unnecessary boxing
  • Integer overflow
  • Path traversal via zip
  • Dangerous synchronisation pattern
jvoisin added 2 commits Mar 26, 2019
- Unnecessary boxing
- Integer overflow
- Path traversal via zip
- Dangerous synchronisation pattern
@jvoisin jvoisin merged commit d3970a5 into airsonic:master Apr 28, 2019
1 check passed
@jvoisin jvoisin deleted the misc_fix_lgtm branch Apr 28, 2019
@jvoisin
Copy link
Contributor Author

@jvoisin jvoisin commented Apr 28, 2019

The path traversal could lead to an RCE if the attacker is able to write a file in /var/airsonic/transcode/.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

1 participant