From b86dd72e7ab83c1fa220477ccd67f642989e2c53 Mon Sep 17 00:00:00 2001
From: Nicholas Dille <nicholas.dille@mailbox.org>
Date: Fri, 13 Oct 2023 10:35:40 +0200
Subject: [PATCH] fix: Fixed sanitation of symlinks during extraction

---
 pkg/archive/new.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pkg/archive/new.go b/pkg/archive/new.go
index 71e4f442..565ff6e3 100644
--- a/pkg/archive/new.go
+++ b/pkg/archive/new.go
@@ -26,6 +26,7 @@ func pathIsInsideTarget(target string, candidate string) error {
 	realPath, err := filepath.EvalSymlinks(cleanPath)
 	if os.IsNotExist(err) {
 		log.Tracef("Path does not exist (yet): %s\n", cleanPath)
+		realPath = cleanPath
 
 	} else if err != nil {
 		return fmt.Errorf("ExtractTarGz: EvalSymlinks() failed: %s", err.Error())