oss-sec mailing list archives
Re: [vim-security] potential data loss with zip.vim and special crafted zip files in Vim < v9.1.1198
From: Christian Brabandt <cb () 256bit org>
Date: Thu, 13 Mar 2025 08:12:03 +0100
On Thu, 13 Mar 2025, Eli Schwartz wrote:
> unzip will not permit you to run:
>
> ```
> unzip foo.zip ./dir1/member
> ```
>
> in order to extract an archive member named "dir1/member". There is no ./ member in the archive, it's not resolved like a filesystem path. It will print a diagnostic: "caution: filename not matched: ./dir1/member" and exit 11 (no matching files were found.)

Correct. Tried that, doesn't work. The whole unzip commandline parsing looks quite fragile to me:

```
unzip [-Z] [-cflptTuvz[abjnoqsCDKLMUVWX$/:^]] file[.zip] [file(s) ...] [-x xfile(s) ...] [-d exdir]
```

(e.g. it allows optional arguments to be followed after any number of member files).

Thanks,
Christian
--
"Problem solving under linux has never been the circus that it is under AIX."
(By Pete Ehlke in comp.unix.aix)
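
An added example, not part of the message above and not Vim's or Info-ZIP's code: a pre-flight check a caller could run before handing a member name to an external `unzip`, using Python's `zipfile` on a constructed in-memory archive. It applies the exact-name matching described in the quoted text and flags names beginning with `-`; that second check is an assumption drawn from the synopsis quoted above, and the function names and sample member names are hypothetical.

```python
import io
import zipfile

def build_sample_zip(names):
    """Return bytes of an in-memory zip holding the given (constructed) member names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, "data for " + name)
    return buf.getvalue()

def check_member(zip_bytes, requested):
    """Classify a requested member name before it reaches an external unzip.

    Returns one of:
      "not-in-archive" - no member has exactly this name (no path normalisation,
                         so "./dir1/member" does not match "dir1/member")
      "option-like"    - the name exists but starts with '-'; a parser that
                         accepts options after file arguments could read it
                         as an option (assumption, see lead-in)
      "ok"             - exact match and not option-like
    """
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        names = set(zf.namelist())
    if requested not in names:
        return "not-in-archive"
    if requested.startswith("-"):
        return "option-like"
    return "ok"

def read_member(zip_bytes, requested):
    """Read a member through the library API, so no argv parsing is involved."""
    if check_member(zip_bytes, requested) == "not-in-archive":
        raise KeyError(requested)
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return zf.read(requested)

# Constructed sample archive: two ordinary members and one option-like name.
SAMPLE = build_sample_zip(["dir1/member", "-d", "notes.txt"])

if __name__ == "__main__":
    for name in ["dir1/member", "./dir1/member", "-d", "notes.txt"]:
        print(repr(name), "->", check_member(SAMPLE, name))
```

Reading the member through the library, as `read_member` does, keeps the archive's own names out of any command line.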
