commit 720cfb139873faec3db833f1a9b9d09a02b0b32a from: Omar Polo date: Mon Aug 23 13:14:29 2021 UTC two typos commit - fd8fc65c5b9535e90c1471bed946ba9a65f1f8df commit + 720cfb139873faec3db833f1a9b9d09a02b0b32a blob - 16073116a333277e18f390f2af06c245a2f97a9c blob + 2a16006bb0a499f1f3ae4597d4257e7c477d09ae --- resources/posts/extracting-from-zips.gmi +++ resources/posts/extracting-from-zips.gmi @@ -113,7 +113,7 @@ main(int argc, char **argv) The difference is that now it accepts a variable number of files to extract after the name of the archive. -Since I’m a bit of a OpenBSD fanboy myself, I’ve added a call to pledge(2) right before the main logic of the program: this way, even if we open a faulty zip files that tricks us into doing nasty stuff, the kernel will only allows us to write to *already* opened files and nothing more. On FreeBSD a call to capsicum(4) would be more or less the same in this case. On linux you can waste some hours writing a seccomp(4) filter hoping it doesn’t break on weird architectures or libc implementation :P +Since I’m a bit of a OpenBSD fanboy myself, I’ve added a call to pledge(2) right before the main logic of the program: this way, even if we open a faulty zip files that tricks us into doing nasty stuff, the kernel will only allows us to write to *already* opened files and nothing more. On FreeBSD a call to capsicum(4) would be more or less the same in this case. On linux you can waste some hours writing a seccomp(2) filter hoping it doesn’t break on weird architectures or libc implementation :P (I’ve said already that I’m a bit of a OpenBSD fanboy myself right?) blob - bb379cbc30ff69cea24b18dbb12ec9e2d89e1c33 blob + 21f79b9fd79e6b026fd097ecdcc61126e0c93183 --- resources/posts/inspecting-zips.gmi +++ resources/posts/inspecting-zips.gmi 
@@ -1,6 +1,6 @@ => /post/extracting-from-zips.gmi Part two: “Extracting files from zips” -=> //git.omarpolo.com/zip-view/ The code for the whole series; see ‘zipls.c’ for this post in particular. +=> //git.omarpolo.com/zip-utils/ The code for the whole series; see ‘zipls.c’ for this post in particular. Edit 2021/08/20: some edits to improve the code and the commentary. Edit 2021/08/21: stricter while condition for ‘ls’ and added links to the code
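Review bot: The replacement line in resources/posts/extracting-from-zips.gmi still carries grammar slips in the sentence this fix touches: "a faulty zip files that tricks us" and "the kernel will only allows us". Since the commit is a typo pass, consider correcting them in the same change ("a faulty zip file that tricks us", "will only allow us"), along with "a OpenBSD" and the lowercase "linux", so the paragraph does not need a second pass.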
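Review bot: In resources/posts/inspecting-zips.gmi the new link line `=> //git.omarpolo.com/zip-utils/` changes the repository name from `zip-view`, which is a link-target fix rather than a typo, so the commit message could say so. It is also worth checking the other posts of the series for the old `zip-view` URL, since this diff only changes it here. The link stays scheme-relative, so it resolves with whatever scheme serves the page; an explicit scheme would make the target unambiguous.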