https://bugs.kde.org/show_bug.cgi?id=429925
Bug ID: 429925
Summary: ZIP directory traversal though document title corrupts
.kra files
Product: krita
Version: 4.4.1
Platform: Neon Packages
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: File formats
Assignee: krita-bugs-n...@kde.org
Reporter: xnagyti...@gmail.com
Target Milestone: ---
Created attachment 133807
--> https://bugs.kde.org/attachment.cgi?id=133807&action=edit
Observed result
SUMMARY
Entering relative paths to the document title field corrupts .kra files on save
through a ZIP directory traversal bug.
KDE Ark also flags these archives as "contains ill-formed entries and might be
a malicious archive".
STEPS TO REPRODUCE
1. Create a new document
2. File -> Document Information -> General -> Title
3. Enter "../../../../../test/" as the document title (without quotes)
4. Save as .kra and close the document
5. Reopen the document
OBSERVED RESULT
See attachment.
EXPECTED RESULT
Don't corrupt documents on save whatever the document title is.
SOFTWARE/OS VERSIONS
Linux/KDE Plasma: KDE neon 5.20
KDE Plasma Version: 5.20.3
KDE Frameworks Version: 5.76.0
Qt Version: 5.15.1
ADDITIONAL INFORMATION
--
You are receiving this mail because:
You are watching all bug changes.
