1 2Archives for regression testing. 3 4abspath.lzh - Archive containing a file with an absolute path. For 5 security reasons, file extraction should always be done 6 relative to the extraction path. If extraction to 7 absolute paths was permitted, it would potentially allow 8 arbitrary files on the filesystem to be overwritten. 9 10badterm.lzh - Archive containing a file that includes an unsafe 11 terminal escape sequence (changes the title in the 12 terminal window). This terminal escape sequence should 13 not appear in list output. 14 15dir.lzh - Archive that just contains a directory. 16 17multiple.lzh - Archive containing multiple stored files with different 18 names, for testing wildcard pattern matching. 19 20truncated.lzh - Unexpectedly truncated -lh5- archive. 21 22unixsep.lzh - Archive containing a level 0 header where the filename 23 has a path separated with Unix-style path separators 24 ('/') instead of DOS-style ('\'). This file is manually 25 constructed, but archives like this do exist in the wild. 26 27symlink1.lzh - Symbolic link test. The archive contains a file named 28 foo.txt twice - firstly as a symbolic link to bar.txt, 29 and then as an actual file. Extraction should not 30 create bar.txt, or arbitrary files could be overwritten 31 by a maliciously constructed archive file. 32 33symlink2.lzh - This archive contains a symbolic link with '..' in the 34 target, and a file that tries to use that symlink to 35 overwrite files outside the extract directory. 36 37symlink3.lzh - This archive contains a symbolic link with an absolute 38 path, and a file that tries to use the symlink to 39 overwrite files outside the extract directory. 40 41dotdot.lzh - Archive containing paths with '..'. This could be used 42 to break out of the extract directory and overwrite 43 arbitrary files on the filesystem. 44 45