dearwolf/LocalAI
1
0
Fork 0
mirror of https://github.com/mudler/LocalAI.git synced 2025-05-20 10:35:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 21

refactor: gallery inconsistencies (#2647)

Browse source 
* refactor(gallery): move under core/

Signed-off-by: Ettore Di Giacinto <mudler@localai.io>

* fix(unarchive): do not allow symlinks

Signed-off-by: Ettore Di Giacinto <mudler@localai.io>

---------

Signed-off-by: Ettore Di Giacinto <mudler@localai.io>
This commit is contained in:
Ettore Di Giacinto 2024-06-24 17:32:12 +02:00 committed by GitHub
parent 69206fcd4b
commit a181dd0ebc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
25 changed files with 93 additions and 54 deletions
Download patch file Download diff file Expand all files Collapse all files

13
pkg/utils/untar.go
View file

@ -2,6 +2,7 @@ package utils
import (
"fmt"
"os"
"github.com/mholt/archiver/v3"
)
@ -52,5 +53,17 @@ func ExtractArchive(archive, dst string) error {
case *archiver.TarZstd:
v.Tar = mytar
}
err = archiver.Walk(archive, func(f archiver.File) error {
if f.FileInfo.Mode()&os.ModeSymlink != 0 {
return fmt.Errorf("archive contains a symlink")
}
return nil
})
if err != nil {
return err
}
return un.Unarchive(archive, dst)
}