Overview

File CVE-2019-13173.patch of Package nodejs4

CVE-2019-13173

Backported from
https://github.com/npm/fstream/commit/6a77d2fa6e1462693cf8e46f930da96ec1b0bb22

From 6a77d2fa6e1462693cf8e46f930da96ec1b0bb22 Mon Sep 17 00:00:00 2001
From: isaacs <i@izs.me>
Date: Tue, 14 May 2019 17:37:57 -0700
Subject: [PATCH] Clobber a Link if it's in the way of a File

Fixes https://github.com/npm/node-tar/issues/212
---
 lib/writer.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/writer.js b/lib/writer.js
index 140e449..3f10547 100644
--- a/deps/npm/node_modules/fstream/lib/writer.js
+++ b/deps/npm/node_modules/fstream/lib/writer.js
@@ -147,7 +147,7 @@ Writer.prototype._stat = function (current) {
 
     // if it's a type change, then we need to clobber or error.
     // if it's not a type change, then let the impl take care of it.
-    if (currentType !== self.type) {
+    if (currentType !== self.type || self.type === 'File' && current.nlink > 1) {
       return rimraf(self._path, function (er) {
         if (er) return self.error(er)
         self._old = null
openSUSE Build Service is sponsored by
Places