Changeset 17964 in josm for trunk


Ignore:
Timestamp:
2021-07-08T21:40:58+02:00 (3 years ago)
Author:
Don-vip
Message:

see #20257 - CodeQL - java/zipslip - Checks for Zip Slip Vulnerability (CWE-22 / path traversal)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/org/openstreetmap/josm/gui/io/DownloadFileTask.java

    r13493 r17964  
    1414import java.nio.file.Files;
    1515import java.nio.file.InvalidPathException;
     16import java.nio.file.Path;
     17import java.nio.file.Paths;
    1618import java.nio.file.StandardCopyOption;
    1719import java.util.Enumeration;
     
    181183     */
    182184    public static void unzipFileRecursively(File file, String dir) throws IOException {
     185        Path dirPath = Paths.get(dir);
    183186        try (ZipFile zf = new ZipFile(file, StandardCharsets.UTF_8)) {
    184187            Enumeration<? extends ZipEntry> es = zf.entries();
     
    186189                ZipEntry ze = es.nextElement();
    187190                File newFile = new File(dir, ze.getName());
     191                // Checks for Zip Slip Vulnerability (CWE-22 / path traversal)
     192                if (!newFile.toPath().normalize().startsWith(dirPath)) {
     193                    throw new IOException("Bad zip entry - Invalid or malicious file, potential CWE-22 attack");
     194                }
    188195                if (ze.isDirectory()) {
    189196                    Utils.mkDirs(newFile);
Note: See TracChangeset for help on using the changeset viewer.