archive/zip: don't panic on (*Reader).Open - go - Fork of Go programming language with my patches.

diff options

author	Jason7602 <jansonzhe@gmail.com>	2021-09-14 21:38:19 +0800
committer	Filippo Valsorda <filippo@golang.org>	2021-11-02 20:47:30 +0000
commit	b24687394b55a93449e2be4e6892ead58ea9a10f (patch)
tree	464972cd50ecaca410f81ca1989fd7d172640c4a /src/errors
parent	b29182b54ac343bbc58a30357d9df908f1c3b727 (diff)
download	go-b24687394b55a93449e2be4e6892ead58ea9a10f.tar.xz

archive/zip: don't panic on (*Reader).Open

Previously, opening a zip with (*Reader).Open could result in a panic if the zip contained a file whose name was exclusively made up of slash characters or ".." path elements. Open could also panic if passed the empty string directly as an argument. Now, any files in the zip whose name could not be made valid for fs.FS.Open will be skipped, and no longer added to the fs.FS file list, although they are still accessible through (*Reader).File. Note that it was already the case that a file could be accessible from (*Reader).Open with a name different from the one in (*Reader).File, as the former is the cleaned name, while the latter is the original one. Finally, made the actual panic site robust as a defense-in-depth measure. Fixes CVE-2021-41772 Fixes #48085 Co-authored-by: Filippo Valsorda <filippo@golang.org> Change-Id: I6271a3f2892e7746f52e213b8eba9a1bba974678 Reviewed-on: https://go-review.googlesource.com/c/go/+/349770 Run-TryBot: Filippo Valsorda <filippo@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> Trust: Katie Hockman <katie@golang.org> Trust: Julie Qiu <julie@golang.org>

Diffstat (limited to 'src/errors')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: