[Pkg-shadow-devel] [Git][debian/adduser][master] sanitize target string coming from readlink()
Marc Haber (@zugschlus)
gitlab at salsa.debian.org
Sun Feb 23 08:35:16 GMT 2025
Marc Haber pushed to branch master at Debian / adduser
Commits:
3e5edfdb by Marc Haber at 2025-02-23T09:34:39+01:00
sanitize target string coming from readlink()
- - - - -
1 changed file:
- adduser
Changes:
=====================================
adduser
=====================================
@@ -1247,7 +1247,7 @@ sub copy_to_dir {
log_trace("copy_to_dir file: %s", $file);
if (-l "$fromdir/$file") {
my $target;
- if( !($target = readlink("$fromdir/$file")) ) {
+ if( !($target = sanitize_string(readlink("$fromdir/$file"), pathre)) ) {
log_err( "readlink: %s", $! );
&cleanup();
}
View it on GitLab: https://salsa.debian.org/debian/adduser/-/commit/3e5edfdbf9051384400f799de7cf03db5ceb496d
--
View it on GitLab: https://salsa.debian.org/debian/adduser/-/commit/3e5edfdbf9051384400f799de7cf03db5ceb496d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20250223/c902f501/attachment.htm>
More information about the Pkg-shadow-devel
mailing list