Use filepath.Clean to sanitize path for archive downloads (#7720)

Sam Coe 2023-07-18 12:49:55 -07:00 committed by GitHub
parent 5d82a9553c
commit 7f3196fcd4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -290,7 +290,7 @@ func downloadAsset(dest *destinationWriter, httpClient *http.Client, assetURL, f
return fmt.Errorf("unable to parse file name of archive: %w", err)
}
if serverFileName, ok := params["filename"]; ok {
fileName = serverFileName
fileName = filepath.Clean(serverFileName)
} else {
return errors.New("unable to determine file name of archive")
}
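Review bot: `filepath.Clean` on the new `fileName = filepath.Clean(serverFileName)` line only normalizes the path lexically and does not confine it, so a server-supplied `filename` that is absolute or begins with `..` elements is still absolute or still climbs out of the directory after cleaning. The value comes from response header parameters parsed above the hunk, so it should be treated as untrusted and reduced to a single path element, for example `fileName = filepath.Base(filepath.Clean(serverFileName))`, with an explicit rejection when the result is `.`, `..` or empty. Alternatively, if subdirectories are meant to be allowed, return an error when `!filepath.IsLocal(fileName)` (Go 1.20+). How `dest` joins and writes `fileName` is outside the hunk, so it is worth confirming whether the destination writer already enforces containment; a test with a traversal-style file name from the server would pin the behaviour either way. The body of `downloadAsset` begins and ends outside this hunk.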