From ea914185bfdd6d2a000a341566f4dbbb7ecc2319 Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Tue, 14 Jan 2014 21:36:30 -0600 Subject: [PATCH] imagex-apply.1.in: Add note about directory traversal attacks --- doc/imagex-apply.1.in | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/doc/imagex-apply.1.in b/doc/imagex-apply.1.in index 46bf7ec1..1a6d0a41 100644 --- a/doc/imagex-apply.1.in +++ b/doc/imagex-apply.1.in @@ -386,6 +386,12 @@ WIMs, which usually contain LZMS-compressed solid blocks and may carry the \fI.esd\fR file extension rather than \fI.wim\fR. However, \fI.esd\fR files downloaded directly by the Windows 8 web downloader have encrypted segments, and wimlib cannot extract such files until they are first decrypted. +.PP +\fIDirectory traversal attacks\fR: wimlib validates filenames before extracting +them and is not vulnerable to directory traversal attacks. This is in contrast +to Microsoft WIMGAPI/Imagex/Dism which can override arbitrary files on the +target drive when extracting a malicious WIM file containing files named +\fI..\fR or containing path separators. .SH EXAMPLES Extract the first image from the Windows PE image on the Windows Vista/7/8 installation media to the directory "boot": -- 2.43.0
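Review bot: in the added .PP paragraph, "override arbitrary files" should read "overwrite arbitrary files", and the blanket statement that wimlib "is not vulnerable to directory traversal attacks" would be more useful to readers if it described the check that is actually performed, e.g. "rejects any filename containing a path separator or a \fI..\fR component before extraction", so the man page documents what is validated rather than asserting a guarantee. The sentence about Microsoft WIMGAPI/Imagex/Dism describes third-party behaviour that may change between versions; consider qualifying it with the versions in which this was observed, or leaving the comparison out of the user-facing description.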