diff --git a/.github/workflows/macos-latest.yml b/.github/workflows/macos-latest.yml
new file mode 100644
index 00000000..86a92a5a
--- /dev/null
+++ b/.github/workflows/macos-latest.yml
@@ -0,0 +1,25 @@
+name: Macos-latest
+
+on:
+ push:
+ branches: [ master, goreleaser, next, zip-slip ]
+ pull_request:
+ branches: [ master, goreleaser, next, zip-slip ]
+
+jobs:
+
+ build:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Set up Go
+ uses: actions/setup-go@v2
+ with:
+ go-version: 1.17
+
+ - name: Build
+ run: go build cmd/arc/*.go
+
+ - name: Test
+ run: go test -v ./...
diff --git a/.github/workflows/ubuntu-latest.yml b/.github/workflows/ubuntu-latest.yml
new file mode 100644
index 00000000..bd1f1e02
--- /dev/null
+++ b/.github/workflows/ubuntu-latest.yml
@@ -0,0 +1,25 @@
+name: Ubuntu-latest
+
+on:
+ push:
+ branches: [ master, goreleaser, next, zip-slip ]
+ pull_request:
+ branches: [ master, goreleaser, next, zip-slip ]
+
+jobs:
+
+ build:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Set up Go
+ uses: actions/setup-go@v2
+ with:
+ go-version: 1.17
+
+ - name: Build
+ run: go build cmd/arc/*.go
+
+ - name: Test
+ run: go test -v ./...
diff --git a/.github/workflows/windows-latest.yml b/.github/workflows/windows-latest.yml
new file mode 100644
index 00000000..f1ee6fdf
--- /dev/null
+++ b/.github/workflows/windows-latest.yml
@@ -0,0 +1,25 @@
+name: Windows-latest
+
+on:
+ push:
+ branches: [ master, goreleaser, next, zip-slip ]
+ pull_request:
+ branches: [ master, goreleaser, next, zip-slip ]
+
+jobs:
+
+ build:
+ runs-on: windows-latest
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Set up Go
+ uses: actions/setup-go@v2
+ with:
+ go-version: 1.17
+
+ - name: Build
+ run: go build cmd/arc/*.go
+
+ - name: Test
+ run: go test -v ./...
diff --git a/README.md b/README.md
index 5ea9833e..b0599109 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
-# archiver [![archiver GoDoc](https://img.shields.io/badge/reference-godoc-blue.svg?style=flat-square)](https://pkg.go.dev/github.com/mholt/archiver?tab=doc)
+# archiver [![archiver GoDoc](https://img.shields.io/badge/reference-godoc-blue.svg?style=flat-square)](https://pkg.go.dev/github.com/mholt/archiver?tab=doc) [![Ubuntu-latest](https://github.com/mholt/archiver/actions/workflows/windows-latest.yml/badge.svg)](https://github.com/mholt/archiver/actions/workflows/ubuntu-latest.yml) [![Macos-latest](https://github.com/mholt/archiver/actions/workflows/windows-latest.yml/badge.svg)](https://github.com/mholt/archiver/actions/workflows/macos-latest.yml) [![Windows-latest](https://github.com/mholt/archiver/actions/workflows/windows-latest.yml/badge.svg)](https://github.com/mholt/archiver/actions/workflows/windows-latest.yml)
-Introducing **Archiver 3.1** - a cross-platform, multi-format archive utility and Go library. A powerful and flexible library meets an elegant CLI in this generic replacement for several platform-specific or format-specific archive utilities.
+Introducing **Archiver 3** - a cross-platform, multi-format archive utility and Go library. A powerful and flexible library meets an elegant CLI in this generic replacement for several platform-specific or format-specific archive utilities.
## Features
@@ -203,11 +203,11 @@ The archiver package allows you to easily create and open archives, walk their c
To use as a dependency in your project:
```bash
-go get github.com/mholt/archiver/v3
+go get github.com/iotanbo/archiver/v3@v3.5.1-iotanbo
```
```go
-import "github.com/mholt/archiver/v3"
+import "github.com/iotanbo/archiver/v3"
```
[See the package's GoDoc](https://pkg.go.dev/github.com/mholt/archiver?tab=doc) for full API documentation.
diff --git a/archiver.go b/archiver.go
index b09699d6..ea53eb57 100644
--- a/archiver.go
+++ b/archiver.go
@@ -125,6 +125,9 @@ type File struct {
type FileInfo struct {
os.FileInfo
CustomName string
+ // Stores path to the source.
+ // Used when reading a symlink.
+ SrcPath string
}
// Name returns fi.CustomName if not empty;
@@ -358,10 +361,11 @@ func isSymlink(fi os.FileInfo) bool {
// within returns true if sub is within or equal to parent.
func within(parent, sub string) bool {
- rel, err := filepath.Rel(parent, sub)
+ rel, err := filepath.Rel(parent, sub) //rel
if err != nil {
return false
}
+ //return true
return !strings.Contains(rel, "..")
}
diff --git a/cmd/arc/main.go b/cmd/arc/main.go
index fd28ac5f..e77b226e 100644
--- a/cmd/arc/main.go
+++ b/cmd/arc/main.go
@@ -10,8 +10,8 @@ import (
"path/filepath"
"strings"
+ "github.com/iotanbo/archiver/v3"
"github.com/klauspost/compress/zip"
- "github.com/mholt/archiver/v3"
"github.com/nwaples/rardecode"
)
diff --git a/error_test.go b/error_test.go
index d47ed85f..7af80952 100644
--- a/error_test.go
+++ b/error_test.go
@@ -6,7 +6,7 @@ import (
"os"
"testing"
- "github.com/mholt/archiver/v3"
+ "github.com/iotanbo/archiver/v3"
)
func TestIllegalPathErrorString(t *testing.T) {
diff --git a/go.mod b/go.mod
index ca511dc9..4df0455d 100644
--- a/go.mod
+++ b/go.mod
@@ -1,4 +1,4 @@
-module github.com/mholt/archiver/v3
+module github.com/iotanbo/archiver/v3
go 1.13
diff --git a/go.sum b/go.sum
index e874a9ce..279fc05e 100644
--- a/go.sum
+++ b/go.sum
@@ -9,7 +9,6 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
github.com/klauspost/compress v1.11.4 h1:kz40R/YWls3iqT9zX9AHN3WoVsrAWVyui5sxuLqiXqU=
github.com/klauspost/compress v1.11.4/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
-github.com/klauspost/cpuid v1.2.0 h1:NMpwD2G9JSFOE1/TJjGSo5zG7Yb2bTe7eq1jH+irmeE=
github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE=
github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs=
diff --git a/tar.go b/tar.go
index b672a71e..d68616d3 100644
--- a/tar.go
+++ b/tar.go
@@ -327,6 +327,7 @@ func (t *Tar) writeWalk(source, topLevelFolder, destination string) error {
FileInfo: FileInfo{
FileInfo: info,
CustomName: nameInArchive,
+ SrcPath: fpath,
},
ReadCloser: file,
})
@@ -372,10 +373,14 @@ func (t *Tar) Write(f File) error {
var linkTarget string
if isSymlink(f) {
+ fi, ok := f.FileInfo.(FileInfo)
+ if !ok {
+ return fmt.Errorf("failed to cast fs.FileInfo to archiver.FileInfo: %v", f)
+ }
var err error
- linkTarget, err = os.Readlink(f.Name())
+ linkTarget, err = os.Readlink(fi.SrcPath)
if err != nil {
- return fmt.Errorf("%s: readlink: %v", f.Name(), err)
+ return fmt.Errorf("%s: readlink: %v", fi.SrcPath, err)
}
}
diff --git a/tar_test.go b/tar_test.go
index 7a9d3541..2f913987 100644
--- a/tar_test.go
+++ b/tar_test.go
@@ -6,7 +6,7 @@ import (
"path"
"testing"
- "github.com/mholt/archiver/v3"
+ "github.com/iotanbo/archiver/v3"
)
func requireRegularFile(t *testing.T, path string) os.FileInfo {
diff --git a/zip.go b/zip.go
index 07fcc756..31ee38d3 100644
--- a/zip.go
+++ b/zip.go
@@ -350,6 +350,7 @@ func (z *Zip) writeWalk(source, topLevelFolder, destination string) error {
FileInfo: FileInfo{
FileInfo: info,
CustomName: nameInArchive,
+ SrcPath: fpath,
},
ReadCloser: file,
})
@@ -431,14 +432,18 @@ func (z *Zip) writeFile(f File, writer io.Writer) error {
return nil // directories have no contents
}
if isSymlink(f) {
+ fi, ok := f.FileInfo.(FileInfo)
+ if !ok {
+ return fmt.Errorf("failed to cast fs.FileInfo to archiver.FileInfo: %v", f)
+ }
// file body for symlinks is the symlink target
- linkTarget, err := os.Readlink(f.Name())
+ linkTarget, err := os.Readlink(fi.SrcPath)
if err != nil {
- return fmt.Errorf("%s: readlink: %v", f.Name(), err)
+ return fmt.Errorf("%s: readlink: %v", fi.SrcPath, err)
}
_, err = writer.Write([]byte(filepath.ToSlash(linkTarget)))
if err != nil {
- return fmt.Errorf("%s: writing symlink target: %v", f.Name(), err)
+ return fmt.Errorf("%s: writing symlink target: %v", fi.SrcPath, err)
}
return nil
}