Land #7930, Fix CVE-2017-5228

bug/bundler_fix
Brent Cook 2017-02-07 19:21:56 -06:00
commit db36cf5755
No known key found for this signature in database
GPG Key ID: 1FFAA0B24B708F96
1 changed files with 5 additions and 1 deletions


@ -222,7 +222,11 @@ class Dir < Rex::Post::Dir
end
dir_files.each { |src_sub|
dst_item = dst + ::File::SEPARATOR + client.unicode_filter_encode(src_sub)
dst_sub = src_sub.dup
dst_sub.gsub!(::File::SEPARATOR, '_') # '/' on all systems
dst_sub.gsub!(::File::ALT_SEPARATOR, '_') if ::File::ALT_SEPARATOR # nil on Linux, '\' on Windows
dst_item = ::File.join(dst, client.unicode_filter_encode(dst_sub))
src_item = src + client.fs.file.separator + client.unicode_filter_encode(src_sub)
if (src_sub == '.' or src_sub == '..')
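Review bot: Nothing after the new `::File.join(dst, ...)` assignment confirms that `dst_item` still resolves inside `dst`, so the fix rests entirely on the two `gsub!` calls, which run before `client.unicode_filter_encode` (whether that call can emit a separator is not visible here). A containment check directly after the assignment would make the guarantee explicit, for example `next unless ::File.expand_path(dst_item).start_with?(::File.expand_path(dst) + ::File::SEPARATOR)`, ideally reporting the skipped entry rather than dropping it silently. The new lines also deserve a why-comment such as `# src_sub is supplied by the remote host and is untrusted: reduce it to a single local path component`. Note that mapping separators to '_' lets two distinct remote names (e.g. `a/b` and `a_b`) land on the same local file, so a later entry can overwrite an earlier one. The `dir_files.each` block continues past the end of this hunk, so how `dst_item` is used afterwards is not visible.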