
CVE-2022-35861: Fixed relative path traversal due to using version string in path (#2412)

This commit is contained in:
James Stronz
2022-07-16 15:01:04 -07:00
committed by GitHub
parent 0eba0a5bd5
commit 22fa683571
2 changed files with 22 additions and 3 deletions


@@ -11,9 +11,16 @@ if [ -s "$VERSION_FILE" ]; then
IFS="${IFS}"$'\r'
sep=
while read -n 1024 -r version _ || [[ $version ]]; do
[[ -z $version || $version == \#* ]] && continue
printf "%s%s" "$sep" "$version"
sep=:
if [[ -z $version || $version == \#* ]]; then
# Skip empty lines and comments
continue
elif [ "$version" = ".." ] || [[ $version == */* ]]; then
# The version string is used to construct a path and we skip dubious values.
# This prevents issues such as path traversal (CVE-2022-35861).
continue
fi
printf "%s%s" "$sep" "$version"
sep=:
done <"$VERSION_FILE"
[[ $sep ]] && { echo; exit; }
fi
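Review bot: The new `elif` rejects `..` and anything containing `/`, but a bare `.` passes the filter and would be joined onto the versions directory path unchanged, so the check is narrower than the comment's "dubious values" suggests; I would extend it to `elif [[ $version == . || $version == .. || $version == */* ]]; then`, which also drops the mixed `[ … ] || [[ … ]]` form in favour of one `[[` test. Skipped entries are currently discarded silently, which makes a tampered or mistyped version file hard to diagnose; consider adding `printf 'pyenv: ignoring invalid version entry: %s\n' "$version" >&2` before the `continue` so the rejection is visible in logs. The enclosing `if [ -s "$VERSION_FILE" ]` block begins above this hunk, and the second changed file in this commit is not shown on the page.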