mirror of
https://github.com/neovim/neovim.git
synced 2025-09-05 19:08:15 +00:00
77c6cae25b
Problem: [security]: path traversal issue in tar.vim
(@ax)
Solution: warn the user for such things, drop leading /, don't
forcefully overwrite files when writing temporary files,
refactor autoload/tar.vim
tar.vim: drop leading / in path names
A tar archive containing files with leading `/` may cause confusions as
to where the content is extracted. Let's make sure we drop the leading
`/` and use a relative path instead.
Also while at it, had to refactor it quite a bit and increase the
minimum supported Vim version to v9. Also add a test for some basic tar
functionality
closes: vim/vim#17733
87757c6b0a
Co-authored-by: Christian Brabandt <cb@256bit.org>
10 KiB
10 KiB