Thread: Error when ePub containt a relatif path archive name
View Single Post
Old 01-21-2022, 09:07 AM   #2
KevinH
Sigil Developer
KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.KevinH ought to be getting tired of karma fortunes by now.
 
Posts: 8,810
Karma: 6000000
Join Date: Nov 2009
Device: many
Not an error in Sigil. Sigil will not load files outside the root path of the epub by design. No upward relative paths are needed in any epub. This is an attack vector that can be used to craft a malicious epub to overwrite system files. There was actually a CVE/security bug filed against Sigil (and "minizip") to prevent loading such epubs/zips.

Google "zip slip attack" for more details.

If you are 100% sure the epub has not been tampered with then manually unpack it and use AddExisting to add its pieces in proper form.
Last edited by KevinH; 01-21-2022 at 12:03 PM.
KevinH is online now   Reply With Quote