-
-
Notifications
You must be signed in to change notification settings - Fork 36
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
relative symlinks failing(Out-of path file extraction) with new commit cde460582ff389404b5b3ccb59374e9b389de916 #35
Comments
Same for nextcloud/news#1086 |
Hi @QuesarVII! The mentioned .tar.gz file has the following entry:
but the file |
I've created #36, because GitHub does not allow .tar attachments. I'm far from a PHP expert, but I think the usage of Line 2127 in 10db38c
There's a note in the docs, that might be related:
|
I have added a proposed fix in c440890. |
I didn't realize it was a broken symlink initially. Thanks. However, the way the extraction process boils down to doing it per file, a symlink's target might not exist yet anyway. This makes realpath fail to work properly, so a text processing solution like woefe provided is probably the right solution. Thanks! |
Yep, you're probably right. I'll take a look at that later this week. Thanks! |
Fixed by #36. |
Hi,
I've been trying to install twofactor_webauthn in NextCloud but kept getting an error "Could not extract app twofactor_webauthn". NextCloud doesn't seem to report the msg from the _error function in Archive_Tar(or I'm not looking in the right place?), but I modified the _error function to log it to file and caught this problem:
Out-of-path file extraction {/tmp/oc_tmp_lrJaMb-folder/twofactor_webauthn/vendor/bin/doctrine-dbal --> ../doctrine/dbal/bin/doctrine-dbalp_path}
That symlink is not out of path, so I'm not sure why it's failing. Here is a link to the tarball to investigate if desired: https://github.com/michib/nextcloud_twofactor_webauthn/releases/download/0.2.6/twofactor_webauthn-0.2.6.tar.gz
And here is a link to the bug report on the NextCloud app:
nextcloud/twofactor_webauthn#48
Thanks!
Rick
The text was updated successfully, but these errors were encountered: