relative symlinks failing(Out-of path file extraction) with new commit cde460582ff389404b5b3ccb59374e9b389de916 #35
Comments
|
Same for nextcloud/news#1086 |
|
Hi @QuesarVII! The mentioned .tar.gz file has the following entry:
but the file |
|
I've created #36, because GitHub does not allow .tar attachments. I'm far from a PHP expert, but I think the usage of Line 2127 in 10db38c There's a note in the docs, that might be related:
|
|
I have added a proposed fix in c440890. |
I didn't realize it was a broken symlink initially. Thanks. However, the way the extraction process boils down to doing it per file, a symlink's target might not exist yet anyway. This makes realpath fail to work properly, so a text processing solution like woefe provided is probably the right solution. Thanks! |
|
Yep, you're probably right. I'll take a look at that later this week. Thanks! |
|
Fixed by #36. |
Hi,
I've been trying to install twofactor_webauthn in NextCloud but kept getting an error "Could not extract app twofactor_webauthn". NextCloud doesn't seem to report the msg from the _error function in Archive_Tar(or I'm not looking in the right place?), but I modified the _error function to log it to file and caught this problem:
Out-of-path file extraction {/tmp/oc_tmp_lrJaMb-folder/twofactor_webauthn/vendor/bin/doctrine-dbal --> ../doctrine/dbal/bin/doctrine-dbalp_path}
That symlink is not out of path, so I'm not sure why it's failing. Here is a link to the tarball to investigate if desired: https://github.com/michib/nextcloud_twofactor_webauthn/releases/download/0.2.6/twofactor_webauthn-0.2.6.tar.gz
And here is a link to the bug report on the NextCloud app:
nextcloud/twofactor_webauthn#48
Thanks!
Rick
The text was updated successfully, but these errors were encountered: