dgit.raspbian.org Git - ostree.git/commit

author	Colin Walters <walters@verbum.org>
	Thu, 5 May 2016 21:20:04 +0000 (17:20 -0400)
committer	Colin Walters (automation) <walters+githubbot@verbum.org>
	Fri, 6 May 2016 01:15:19 +0000 (01:15 +0000)
commit	5a90781cd867ea3ff38af5587e2aad188e4c5170
tree	27d5f79bad1ef6601927f215485640c094c927e8	tree \| snapshot
parent	7021c4f87658018b876719a57b4efdeb8edfc5e6	commit \| diff

lib: Add more filename validations (no ., .. or /) in commit logic

The filesystem commit code will never give us potentially hostile
filenames, and when importing from archives, we do some validation.

However, we should be extra paranoid and also add error messages in
the mtree in case someone tries to import a hostile
libarchive-supported format.

Closes: #283
Approved by: jlebon

src/libostree/ostree-mutable-tree.c		diff \| blob \| history
src/libostree/ostree-repo-commit.c		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom