entry: relax symlink target constraints #90
Conversation
lucab
force-pushed
the
to-upstream/link-creation
branch
14 times, most recently
from
5fcb8f5
to
f2e48a1
Compare
| return Err(other("symlink destination is empty")) | ||
| } | ||
|
|
||
| println!("{:?} {:?}", actual_src, dst); | ||
| println!("{:?} {:?}", src, dst); |
There was a problem hiding this comment.
oh oops this is actually a stray println and should get removed!
There was a problem hiding this comment.
Yes, I re-introduced it later in order to get some clues about the appveyor issue.
| @@ -130,5 +180,8 @@ fn good_parent_paths_ok() { | |||
|
|
|||
| let td = t!(TempDir::new("tar")); | |||
| t!(ar.unpack(td.path())); | |||
| t!(File::open(td.path().join("foo/bar"))); | |||
| t!(td.path().join("foo").join("bar").read_link()); | |||
| let dst = t!(td.path().join("foo").join("bar").canonicalize()); | |||
There was a problem hiding this comment.
It looks like this line is failing on AppVeyor?
There was a problem hiding this comment.
Yes, and I'm puzzled. I expanded the previous test into path-joining, readlink(), and canonicalize() in order to understand what's going on, but the original one was also failing. It looks like windows doesn't like the ../bar symlink. This crate is converting \ to / in symlinks, so ..\bar becomes ../bar. This may be part of the issue, but it seems to be on purpose (and actually covered by unit testing). I'm not familiar with windows api, how do relative symlinks and separators work there?
There was a problem hiding this comment.
Hm to be honest I'm surprised that symlinks work at all on Windows, they're supposed to be gated by default...
Want to just #[cfg(unix)] the symlink tests?
|
Looks great to me, thanks! I'm fine merging once AppVeyor is green |
This allows the creation and extraction of symlinks pointing to targets outside of the destination directory, including absolute paths and `../` chains. Path traversal is now checked at unpack time, by canonicalizing the target path and ensuring that it is nested below destination path.
lucab
force-pushed
the
to-upstream/link-creation
branch
from
f2e48a1
to
7843d6a
Compare
|
As suggested, moved the last test to unix-only. PTAL. |
|
Thanks! |
This allows the creation and extraction of symlinks pointing to targets
outside of the destination directory, including absolute paths and
../chains.
Path traversal is now checked at unpack time, by canonicalizing the target
path and ensuring that it is nested below destination path.
Fixes #87