File 3002-erl_tar-Use-filelib-safe_relative_path-2.patch of Package erlang

From f3f95655e26baa0e21c4dbce51bdd7783c92e06c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?John=20H=C3=B6gberg?= <john@erlang.org>
Date: Wed, 19 Feb 2020 14:38:51 +0100
Subject: [PATCH 2/3] erl_tar: Use filelib:safe_relative_path/2

filename:safe_relative_path/1 is deprecated and unsafe, and our
local safe implementation is redundant now that
filelib:safe_relative_path/2 exists.
---
 lib/stdlib/src/erl_tar.erl | 58 +++++++---------------------------------------
 1 file changed, 8 insertions(+), 50 deletions(-)

diff --git a/lib/stdlib/src/erl_tar.erl b/lib/stdlib/src/erl_tar.erl
index 4938d3793d..cbfed30b13 100644
--- a/lib/stdlib/src/erl_tar.erl
+++ b/lib/stdlib/src/erl_tar.erl
@@ -1644,60 +1644,18 @@ write_extracted_element(#tar_header{name=Name0}=Header, Bin, Opts) ->
 
 make_safe_path([$/|Path], Opts) ->
     make_safe_path(Path, Opts);
-make_safe_path(Path, #read_opts{cwd=Cwd}) ->
-    case filename:safe_relative_path(Path) of
-        unsafe ->
-            throw({error,{Path,unsafe_path}});
-        SafePath ->
-            filename:absname(SafePath, Cwd)
+make_safe_path(Path0, #read_opts{cwd=Cwd}) ->
+    case filelib:safe_relative_path(Path0, Cwd) of
+        unsafe -> throw({error,{Path0,unsafe_path}});
+        Path -> filename:absname(Path, Cwd)
     end.
 
-safe_link_name(#tar_header{linkname=Path}, #read_opts{cwd=Cwd}) ->
-    case safe_relative_path_links(Path, Cwd) of
-        unsafe ->
-            throw({error,{Path,unsafe_symlink}});
-        SafePath ->
-            SafePath
+safe_link_name(#tar_header{linkname=Path0},#read_opts{cwd=Cwd} ) ->
+    case filelib:safe_relative_path(Path0, Cwd) of
+        unsafe -> throw({error,{Path0,unsafe_symlink}});
+        Path -> Path
     end.
 
-safe_relative_path_links(Path, Cwd) ->
-    case filename:pathtype(Path) of
-        relative -> safe_relative_path_links(filename:split(Path), Cwd, [], "");
-        _ -> unsafe
-    end.
-
-safe_relative_path_links([Segment|Segments], Cwd, PrevSegments, Acc) ->
-    AccSegment = join(Acc, Segment),
-    case lists:member(AccSegment, PrevSegments) of
-        true ->
-            unsafe;
-        false ->
-            case file:read_link(join(Cwd, AccSegment)) of
-                {ok, LinkPath} ->
-                    case filename:pathtype(LinkPath) of
-                        relative ->
-                            safe_relative_path_links(filename:split(LinkPath) ++ Segments,
-                                                     Cwd, [AccSegment|PrevSegments], Acc);
-                        _ ->
-                            unsafe
-                    end;
-
-                {error, _} ->
-                    case filename:safe_relative_path(join(Acc, Segment)) of
-                        unsafe ->
-                            unsafe;
-                        NewAcc ->
-                            safe_relative_path_links(Segments, Cwd,
-                                                     [AccSegment|PrevSegments], NewAcc)
-                    end
-            end
-    end;
-safe_relative_path_links([], _Cwd, _PrevSegments, Acc) ->
-    Acc.
-
-join([], Path) -> Path;
-join(Left, Right) -> filename:join(Left, Right).
-
 create_regular(Name, NameInArchive, Bin, Opts) ->
     case write_extracted_file(Name, Bin, Opts) of
         not_written ->
-- 
2.16.4
Places

File 3002-erl_tar-Use-filelib-safe_relative_path-2.patch of Package erlang

Places
