Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/scripts/po/sk.po
diff options
context:
space:
mode:
authorSimon Gomizelj <simongmzlj@gmail.com>2013-05-22 00:43:11 -0400
committerAllan McRae <allan@archlinux.org>2013-06-04 13:45:12 +1000
commitdd62fde53ec00f1b08d312951b919e15050efe86 (patch)
treef0e2376a933734276a74b7445687bfba724aef08 /scripts/po/sk.po
parentfe794ccb25d3ab1f7c07331b437b61c30c08a018 (diff)
validate %FILEPATH% when parsing repo dbs
Currently we make no effort to validate the %FILENAME% field in the repo db. This allows for relative paths to be considered valid. A carefully crafted db entry with a malicious relative path, (e.g. `../../../../etc/passwd`) will cause pacman to to overwrite _any_ file on the target's machine. Add the following validation: - doesn't start with '.' - doesn't contain a '/' - won't overflow PATH_MAX Signed-off-by: Simon Gomizelj <simongmzlj@gmail.com> Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'scripts/po/sk.po')
0 files changed, 0 insertions, 0 deletions

Copyright © 2002-2022 Judd Vinet and Aaron Griffin. Copyright © 2022 Erich Eckner.
The Arch Linux name and logo are recognized trademarks. Some rights reserved. The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.