After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 633617 - --writesubtree does not check for: ../../..
--writesubtree does not check for: ../../..
Status: RESOLVED OBSOLETE
Product: libxslt
Classification: Platform
Component: general
1.1.26
Other Linux
: Normal normal
: ---
Assigned To: Daniel Veillard
libxml QA maintainers
Depends on:
Blocks:
 
 
Reported: 2010-10-31 09:04 UTC by Erik Sjölund
Modified: 2021-07-05 11:00 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description Erik Sjölund 2010-10-31 09:04:28 UTC 
The command line option 

--writesubtree 

for the command xsltproc does not check for ".."

The xslt script can thus write outside the directory specified with "--writesubtree".

See the following example: 

user@ubuntu:/tmp$ diff -u test1.xsl test2.xsl
--- test1.xsl                  2010-10-31 09:30:40.102110000 +0100
+++ test2.xsl                  2010-10-31 09:34:55.746110001 +0100
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:exsl="http://exslt.org/common" version="1.0" extension-element-prefixes="exsl">
   <xsl:template match="/">
-    <exsl:document href="/tmp/dir1/a.xml">
+    <exsl:document href="/tmp/dir2/../dir1/a.xml">
       <a/>
     </exsl:document>
   </xsl:template>
user@ubuntu:/tmp$ ls /tmp/dir1
user@ubuntu:/tmp$ xsltproc --writesubtree /tmp/dir2 test1.xsl test.xml
runtime error: file test1.xsl line 4 element document
File write for /tmp/dir1/a.xml refused
runtime error: file test1.xsl line 4 element document
xsltDocumentElem: write rights for /tmp/dir1/a.xml denied
no result for test.xml
user@ubuntu:/tmp$ ls /tmp/dir1
user@ubuntu:/tmp$ xsltproc --writesubtree /tmp/dir2 test2.xsl test.xml
user@ubuntu:/tmp$ ls /tmp/dir1
a.xml
user@ubuntu:/tmp$ ls /tmp/dir2
user@ubuntu:/tmp$ cat /tmp/test1.xsl
<?xml version="1.0"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:exsl="http://exslt.org/common" version="1.0" extension-element-prefixes="exsl">
  <xsl:template match="/">
    <exsl:document href="/tmp/dir1/a.xml">
      <a/>
    </exsl:document>
  </xsl:template>
</xsl:stylesheet>
user@ubuntu:/tmp$ cat /tmp/test2.xsl 
<?xml version="1.0"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:exsl="http://exslt.org/common" version="1.0" extension-element-prefixes="exsl">
  <xsl:template match="/">
    <exsl:document href="/tmp/dir2/../dir1/a.xml">
      <a/>
    </exsl:document>
  </xsl:template>
</xsl:stylesheet>
user@ubuntu:/tmp$ cat /tmp/test.xml
<?xml version="1.0" encoding="UTF-8"?>
<foo/>
user@ubuntu:/tmp$ cat /etc/issue
Ubuntu 10.10 \n \l

user@ubuntu:/tmp$ xsltproc --version
Using libxml 20707, libxslt 10126 and libexslt 815
xsltproc was compiled against libxml 20707, libxslt 10126 and libexslt 815
libxslt 10126 was compiled against libxml 20707
libexslt 815 was compiled against libxml 20707



cheers,
Erik Sjölund
Comment 1 GNOME Infrastructure Team 2021-07-05 11:00:52 UTC 
GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org.
As part of that, we are mass-closing older open tickets in bugzilla.gnome.org
which have not seen updates for a longer time (resources are unfortunately
quite limited so not every ticket can get handled).

If you can still reproduce the situation described in this ticket in a recent
and supported software version, then please follow
  https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines
and create a new ticket at
  https://gitlab.gnome.org/GNOME/libxslt/-/issues/

Thank you for your understanding and your help.