safearchive

This is not an officially supported Google product.

Safe-by-construction libraries for processing tar and zip archives, to replace unsafe alternatives like archive/tar and archive/zip that are at risk of path traversal attacks. Besides crafted filename entries in the archive, this library also protects from symbolic link attacks.

Usage

These libraries are fully compatible with their golang core counterpart, so switching to them is as easy as changing the library import at the top, no further modifications are needed.

The built-in security measures can be turned on or off one by one. Only those security checks are enabled by default that do not break existing setups.

You may enable the other features individually like this:

tr := tar.NewReader(buf)
tr.SetSecurityMode(tr.GetSecurityMode() | tar.SanitizeFileMode | tar.DropXattrs)

or

tr.SetSecurityMode(tar.MaximumSecurityMode)

You may opt out from a certain feature like this:

tr.SetSecurityMode(tr.GetSecurityMode() &^ tar.SanitizeFileMode)

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
sanitizer		sanitizer
tar		tar
zip		zip
.gitignore		.gitignore
BUILD.bazel		BUILD.bazel
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
README.md		README.md
WORKSPACE		WORKSPACE
go.mod		go.mod
go.sum		go.sum
repositories.bzl		repositories.bzl

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

safearchive

Usage

About

Releases

Packages

Languages

License

google/safearchive

Folders and files

Latest commit

History

Repository files navigation

safearchive

Usage

About

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages