mirror/cmake
1
0
Fork 0
mirror of https://gitlab.kitware.com/cmake/cmake.git synced 2026-01-28 20:04:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
cmake/Tests/RunCMake/File_Archive
History
Leslie P. Polzer 03f19aa4ea cmSystemTools: Fix path traversal vulnerability in archive extraction 
Add security flags to libarchive extraction to prevent path traversal
(Zip Slip) and absolute path attacks:

- ARCHIVE_EXTRACT_SECURE_NODOTDOT: Block ".." path components
- ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS: Block absolute paths
- ARCHIVE_EXTRACT_SECURE_SYMLINKS: Block symlinks escaping extract dir

This hardens both `cmake -E tar` and `file(ARCHIVE_EXTRACT)` against
malicious archives that attempt to write files outside the intended
extraction directory.
2026-01-16 08:54:07 -05:00
..
7zip-bz2-compression-level.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
7zip-bz2.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
7zip-gz.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
7zip-lzma2.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
7zip-lzma-compression-level.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
7zip-lzma.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
7zip-none.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
7zip-ppmd-compression-level.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
7zip-ppmd.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
7zip-xz-compression-level.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
7zip.cmake
argument-validation-compression-level-1-result.txt
argument-validation-compression-level-1-stderr.txt
file(ARCHIVE_CREATE): support multithreading compression
2025-12-03 02:45:30 -05:00
argument-validation-compression-level-1.cmake
argument-validation-compression-level-2-result.txt
argument-validation-compression-level-2-stderr.txt
file(ARCHIVE_CREATE): support multithreading compression
2025-12-03 02:45:30 -05:00
argument-validation-compression-level-2.cmake
argument-validation-threads-result.txt
file(ARCHIVE_CREATE): support multithreading compression
2025-12-03 02:45:30 -05:00
argument-validation-threads-stderr.txt
file(ARCHIVE_CREATE): support multithreading compression
2025-12-03 02:45:30 -05:00
argument-validation-threads.cmake
file(ARCHIVE_CREATE): support multithreading compression
2025-12-03 02:45:30 -05:00
CMakeLists.txt
compression-level.cmake
create-missing-args-result.txt
create-missing-args-stderr.txt
create-missing-args.cmake
extract-missing-args-result.txt
extract-missing-args-stderr.txt
extract-missing-args.cmake
gnutar-deflate.cmake
cli tar: support different algorithms for zip & 7z
2025-12-11 12:00:31 -05:00
gnutar-gz-compression-level.cmake
gnutar-gz.cmake
gnutar-with-bad-compression-result.txt
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
gnutar-with-bad-compression-stderr.txt
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
gnutar-with-bad-compression.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
gnutar.cmake
path-absolute-result.txt
cmSystemTools: Fix path traversal vulnerability in archive extraction
2026-01-16 08:54:07 -05:00
path-absolute-stderr.txt
cmSystemTools: Fix path traversal vulnerability in archive extraction
2026-01-16 08:54:07 -05:00
path-absolute.cmake
cmSystemTools: Fix path traversal vulnerability in archive extraction
2026-01-16 08:54:07 -05:00
path-traversal-result.txt
cmSystemTools: Fix path traversal vulnerability in archive extraction
2026-01-16 08:54:07 -05:00
path-traversal-stderr.txt
cmSystemTools: Fix path traversal vulnerability in archive extraction
2026-01-16 08:54:07 -05:00
path-traversal.cmake
cmSystemTools: Fix path traversal vulnerability in archive extraction
2026-01-16 08:54:07 -05:00
pax-lzma2.cmake
cli tar: implement LZMA support
2025-12-02 10:44:49 +03:00
pax-lzma.cmake
cli tar: implement LZMA support
2025-12-02 10:44:49 +03:00
pax-xz-compression-level.cmake
pax-xz.cmake
pax-zstd-compression-level.cmake
pax-zstd.cmake
Tests: Update expected Zstandard magic number for libarchive 3.8.2
2025-11-10 15:11:10 -05:00
pax.cmake
paxr-bz2-compression-level.cmake
paxr-bz2.cmake
paxr.cmake
roundtrip.cmake
file(ARCHIVE_CREATE): support multithreading compression
2025-12-03 02:45:30 -05:00
RunCMakeTest.cmake
cmSystemTools: Fix path traversal vulnerability in archive extraction
2026-01-16 08:54:07 -05:00
threads-bz2.cmake
file(ARCHIVE_CREATE): support multithreading compression
2025-12-03 02:45:30 -05:00
threads-gz.cmake
file(ARCHIVE_CREATE): support multithreading compression
2025-12-03 02:45:30 -05:00
threads-xz.cmake
file(ARCHIVE_CREATE): support multithreading compression
2025-12-03 02:45:30 -05:00
threads-zstd.cmake
file(ARCHIVE_CREATE): support multithreading compression
2025-12-03 02:45:30 -05:00
threads.cmake
file(ARCHIVE_CREATE): support multithreading compression
2025-12-03 02:45:30 -05:00
unsupported-compression-level-result.txt
unsupported-compression-level-stderr.txt
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
unsupported-compression-level.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
unsupported-format-result.txt
unsupported-format-stderr.txt
Tests/RunCMake: Match dots more precisely, part 3
2025-10-20 14:45:24 -04:00
unsupported-format.cmake
working-directory.cmake
zip-deflate-compression-level.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
zip-deflate.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
zip-filtered.cmake
zip-none.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
zip-with-bad-compression-result.txt
zip-with-bad-compression-stderr.txt
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
zip-with-bad-compression.cmake
file(ARCHIVE_CREATE): Add controls for zip and 7z compression method/level
2025-12-17 14:38:30 -05:00
zip.cmake