Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Fix the ".archive" command in the CLI (and the corresponding -A command-line option) so that it silently ignores filenames that contain "../" in their names. This prevents the "Zip Slip" attack. |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
27291f2d7fd4dadf2ee9b9a7d1373158 |
User & Date: | drh 2018-06-06 01:18:01 |
Context
2018-06-06
| ||
16:28 | Change sqlite3BtreeBeginTrans() to return the BTREE_SCHEMA_COOKIE, for a small speed improvement when starting new transactions. (check-in: a10662aa user: drh tags: trunk) | |
01:18 | Fix the ".archive" command in the CLI (and the corresponding -A command-line option) so that it silently ignores filenames that contain "../" in their names. This prevents the "Zip Slip" attack. (check-in: 27291f2d user: drh tags: trunk) | |
2018-06-05
| ||
23:51 | Update the version number to 3.25.0 for the next development cycle. (check-in: 7598236c user: drh tags: trunk) | |
Changes
Changes to src/shell.c.in.
︙ | ︙ | |||
5280 5281 5282 5283 5284 5285 5286 | ** Implementation of .ar "eXtract" command. */ static int arExtractCommand(ArCommand *pAr){ const char *zSql1 = "SELECT " " ($dir || name)," " writefile(($dir || name), %s, mode, mtime) " | | > | 5280 5281 5282 5283 5284 5285 5286 5287 5288 5289 5290 5291 5292 5293 5294 5295 | ** Implementation of .ar "eXtract" command. */ static int arExtractCommand(ArCommand *pAr){ const char *zSql1 = "SELECT " " ($dir || name)," " writefile(($dir || name), %s, mode, mtime) " "FROM %s WHERE (%s) AND (data IS NULL OR $dirOnly = 0)" " AND name NOT GLOB '*..[/\\]*'"; const char *azExtraArg[] = { "sqlar_uncompress(data, sz)", "data" }; sqlite3_stmt *pSql = 0; |
︙ | ︙ |