Fixes the following security issue:
- CVE-2022-1271: Malicious filenames can make xzgrep to write to arbitrary
files or (with a GNU sed extension) lead to arbitrary code execution.
For more details, see the announcement and advisory:
https://www.mail-archive.com/xz-devel@tukaani.org/msg00551.htmlhttps://www.zerodayinitiative.com/advisories/ZDI-22-619/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Marcus Hoffmann <marcus.hoffmann@othermo.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 3c1324248d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
f9332d7aae