Improve Zip Slip detection

Nico Mexis 2022-01-07 21:52:01 +01:00
parent c968e94b2c
commit 1ec02658fe
No known key found for this signature in database
GPG key ID: 27D6E17CE092AB78


@ -44,6 +44,11 @@ public final class ZipUtils {
* @throws IOException Signals that an I/O exception has occurred. * @throws IOException Signals that an I/O exception has occurred.
*/ */
public static void unzipFilesToPath(String jarPath, String destinationDir) throws IOException { public static void unzipFilesToPath(String jarPath, String destinationDir) throws IOException {
String canonicalDestDir = new File(destinationDir).getCanonicalPath();
if (!canonicalDestDir.endsWith(File.separator)) {
canonicalDestDir += File.separator;
}
File file = new File(jarPath); File file = new File(jarPath);
try (JarFile jar = new JarFile(file)) { try (JarFile jar = new JarFile(file)) {
@ -68,7 +73,7 @@ public final class ZipUtils {
String fileName = destinationDir + File.separator + entry.getName(); String fileName = destinationDir + File.separator + entry.getName();
File f = new File(fileName); File f = new File(fileName);
if (!f.getCanonicalPath().startsWith(destinationDir)) { if (!f.getCanonicalPath().startsWith(canonicalDestDir)) {
System.out.println("Zip Slip exploit detected. Skipping entry " + entry.getName()); System.out.println("Zip Slip exploit detected. Skipping entry " + entry.getName());
continue; continue;
} }
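Review bot: The containment test `f.getCanonicalPath().startsWith(canonicalDestDir)` is still a string-prefix comparison, so with the separator now appended, an entry that resolves to the destination directory itself (canonical path without a trailing separator) would be reported as a Zip Slip attempt and skipped. A component-wise path comparison avoids both the hand-appended separator and that edge case: compute `Path destPath = new File(destinationDir).getCanonicalFile().toPath();` once, then test `if (!f.getCanonicalFile().toPath().startsWith(destPath))`, adding the `java.nio.file.Path` import if the file lacks it. The rejected `entry.getName()` is also printed verbatim to stdout; because it comes from the archive, it is worth stripping control characters and routing it through whatever logger the project uses, so the rejection is recorded where operators will see it. The loop body between the two hunks is not visible here, so whether a root-directory entry actually reaches this check is inferred.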