Message-ID: <Z9KFQxKr65F50T/M@256bit.org>
Date: Thu, 13 Mar 2025 08:12:03 +0100
From: Christian Brabandt <cb@...bit.org>
To: oss-security@...ts.openwall.com
Subject: Re: [vim-security] potential data loss with zip.vim and special crafted zip files in Vim < v9.1.1198

On Thu, 13 Mar 2025, Eli Schwartz wrote:

> unzip will not permit you to run:
>
> ```
> unzip foo.zip ./dir1/member
> ```
>
> in order to extract an archive member named "dir1/member". There is no
> ./ member in the archive, it's not resolved like a filesystem path.
>
> It will print a diagnostic: "caution: filename not matched:
> ./dir1/member" and exit 11 (no matching files were found.)

Correct. Tried that, doesn't work. The whole unzip commandline parsing
looks quite fragile to me:

```
unzip [-Z] [-cflptTuvz[abjnoqsCDKLMUVWX$/:^]] file[.zip] [file(s) ...] [-x xfile(s) ...] [-d exdir]
```

(e.g. it allows optional arguments to be followed after any number of
member files).

Thanks,
Christian
-- 
"Problem solving under linux has never been the circus that it is under
AIX."
(By Pete Ehlke in comp.unix.aix)