Bug 536480 - Extracting archives with directory traversal paths may escape the intended destination folder
Change-Id: Ie1c13f1ac22faef829b1c37d32620f0429fa26c7
Signed-off-by: Sravan Kumar Lakkimsetti <sravankumarl@in.ibm.com>
diff --git a/bundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/FileTool.java b/bundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/FileTool.java
index 2752f17..6cdd621 100644
--- a/bundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/FileTool.java
+++ b/bundles/org.eclipse.releng.tests/src/org/eclipse/releng/tests/FileTool.java
@@ -344,6 +344,11 @@
}
String entryName = entry.getName();
File file = new File(dstDir, FileTool.changeSeparator(entryName, '/', File.separatorChar));
+ String destCanPath = dstDir.getCanonicalPath();
+ String fileCanPath = file.getCanonicalPath();
+ if (!fileCanPath.startsWith(destCanPath + File.separatorChar)) {
+ throw new IOException("Entry is out side of target dir: " + entryName);
+ }
String fullEntryName = FileTool.changeSeparator(file.toString().substring(rootDstDir.toString().length() + 1), File.separatorChar, '/');
if(!(filter == null || filter.shouldExtract(fullEntryName, entryName, depth))){
continue;
