summaryrefslogtreecommitdiffstats
path: root/web/html/packages.php
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2012-03-19 23:18:48 +0100
committerLukas Fleischer <archlinux@cryptocrack.de>2012-03-19 23:29:58 +0100
commit1f36664e9f55b175472436973a238aa36bd58bb2 (patch)
tree6edfb49d7d8ba0369e88eabbf4e708ae96646816 /web/html/packages.php
parent1e29bd2217f4320d3df156c448bf16aaeaec53d6 (diff)
downloadaur-1f36664e9f55b175472436973a238aa36bd58bb2.tar.gz
aur-1f36664e9f55b175472436973a238aa36bd58bb2.tar.xz
web/html/pkgsubmit.php: Revamp tarball validation
* Reorder checks. * Use simple string functions instead of regular expressions. * Check for type flags before validating paths. The latter ensures we don't treat tarball keywords/flags as directories. This avoids problems with bsdtar inserting PaxHeader attributes into the archive which look something like the following to Archive_Tar: PaxHeader/xcursor-protozoa xcursor-protozoa/ xcursor-protozoa/PaxHeader/PKGBUILD xcursor-protozoa/PKGBUILD This only occurs on certain filesystems (e.g. jfs), but the tarball is by no means invalid. When extracted, it will only contain the PKGBUILD within a single subdirectory. Addresses FS#28802. Thanks-to: Dave Reisner <dreisner@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/html/packages.php')
0 files changed, 0 insertions, 0 deletions