oss-sec mailing list archives

Re: cve request: miniunzip directory traversal


From: Alexander Cherepanov <cherepan () mccme ru>
Date: Thu, 01 Jan 2015 13:04:49 +0300

On 2015-01-01 00:44, Michael Gilbert wrote:
> Jakub Wilk discovered a directory traversal issue in the miniunzip
> tool [0], which is part of minizip [1].  Attached is a proposed
> solution.

Attached patch seems to deal with absolute paths only. What about relative ones?

$ touch ../file

$ zip test.zip ../file
  adding: ../file (stored 0%)

$ rm ../file

$ miniunzip test.zip
MiniUnz 1.01b, demo of zLib + Unz package written by Gilles Vollant
more info at http://www.winimage.com/zLibDll/unzip.html

test.zip opened
 extracting: ../file

$ ls ../file
../file

--
Alexander Cherepanov

