Our rudimentary check for whether a file path is entirely contained under a directory had a false negative when the parent directory is "/".
To prevent zipslip, we verify that each extracted file would fall strictly under the prefix of the path to extract to. However, this yielded a false positive when extracting to `.`, which is the default for downloading a single archive.
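The two cases described above, as an added example that is not the project's code: a constructed prefix check of an assumed shape that rejects every archive member when the destination is `/` or `.`, beside a component-wise check that accepts legitimate members there and still rejects traversal. All function names and archive member names here are hypothetical.

```python
import posixpath

def _parts(p):
    """Return (is_absolute, cleaned components) for a POSIX-style path."""
    p = posixpath.normpath(p)
    return posixpath.isabs(p), [c for c in p.split("/") if c not in ("", ".")]

def naive_descends_from(path, directory):
    """Constructed 'before' check (assumed shape, not the project's code)."""
    path, directory = posixpath.normpath(path), posixpath.normpath(directory)
    # "/" + "/" is "//", and a cleaned "./x" is "x": neither prefix ever matches.
    return path.startswith(directory + "/")

def descends_from(path, directory):
    """True only if path is lexically strictly under directory."""
    p_abs, p = _parts(path)
    d_abs, d = _parts(directory)
    if p_abs != d_abs:              # never compare relative with absolute
        return False
    if len(p) <= len(d) or p[:len(d)] != d:
        return False                # not under directory, or equal to it
    return ".." not in p[len(d):]   # remainder must not climb back out

def rejected_members(dest, names, check=descends_from):
    """Names whose extraction target would not fall under dest."""
    return [n for n in names if not check(posixpath.join(dest, n), dest)]

# Constructed archive member names: two benign, two traversal attempts.
MEMBERS = ["build.log", "logs/test.txt", "../evil.sh", "logs/../../evil.sh"]

if __name__ == "__main__":
    for dest in (".", "/", "out"):
        print(dest, "naive rejects:", rejected_members(dest, MEMBERS, naive_descends_from))
        print(dest, "fixed rejects:", rejected_members(dest, MEMBERS))
```

Both checks are purely lexical: they do not resolve symlinks that already exist under the destination.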