go-car
harden car cli extract command against symlink traversal attacks
It may be possible for a malformed car to specify a symlink, and then later in the same directory specify another entry with the same name, that could then be written into the destination of the symlink.
This should already be safe - since the final destination path is resolved and required to be within the extraction directory, but testing is needed to ensure these edge cases are properly caught as errors.
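One way to implement the containment check the issue describes, as an added example that is not go-car's own code: `SafeDestination` is a hypothetical helper that resolves every symlink already present on disk under the extraction root, including one left behind by an earlier entry of the same name, and refuses the write when the real destination lands outside the root.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot is returned when the resolved destination escapes the extraction directory.
var ErrOutsideRoot = errors.New("destination resolves outside the extraction directory")

// SafeDestination returns the real on-disk path at which an archive entry named
// name may be written under root. It follows every symlink that already exists
// on disk, including one created by an earlier entry with the same name, and
// rejects the write if the final location is not inside root.
func SafeDestination(root, name string) (string, error) {
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	// Compare against the real root so a symlinked root directory is handled too.
	realRoot, err := filepath.EvalSymlinks(absRoot)
	if err != nil {
		return "", err
	}
	// Cleaning "/"+name strips leading ".." components, so "../x" lands at root/x.
	dest := filepath.Join(absRoot, filepath.Clean("/"+name))

	// Find the deepest component of dest that already exists; only existing
	// components can carry symlinks, so the missing tail is appended verbatim.
	existing, tail := dest, ""
	for {
		if _, err := os.Lstat(existing); err == nil {
			break
		}
		tail = filepath.Join(filepath.Base(existing), tail)
		existing = filepath.Dir(existing)
	}
	realExisting, err := filepath.EvalSymlinks(existing) // a dangling link fails here and is refused
	if err != nil {
		return "", err
	}
	final := filepath.Join(realExisting, tail)
	if final != realRoot && !strings.HasPrefix(final, realRoot+string(os.PathSeparator)) {
		return "", fmt.Errorf("%w: %q -> %s", ErrOutsideRoot, name, final)
	}
	return final, nil
}
```

The check and the subsequent write are still two separate steps, so an extractor should additionally open the final component with `O_NOFOLLOW` (or `Lstat` it immediately before opening) to close the remaining window.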