Copier safe template has filesystem write access outside destination path

Copier library and CLI app for rendering project templates. From 7.1.0 to before 9.9.1, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently write files outside the destination path where a project shall be generated or updated. This is possible when rendering a generated directory structure whose rendered path is either a relative parent path or an absolute path. Constructing such paths is possible using Copier's builtin pathjoin Jinja filter and its builtin _copier_conf.sep variable, which is the platform-native path separator. This way, a malicious template author can create a template that overwrites arbitrary files (according to the user's write permissions), e.g., to cause havoc. This vulnerability is fixed in 9.9.1.

N/A

对路径名的限制不恰当(路径遍历)

Copier 路径遍历漏洞

Copier是Copier开源的一个用于渲染项目模板的库。 Copier 7.1.0至9.9.1之前版本存在路径遍历漏洞，该漏洞源于模板可写入目标路径外文件，可能导致任意文件覆盖。

N/A

N/A