This is an automated email from the ASF dual-hosted git repository.
kirs pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/incubator-seatunnel.git
The following commit(s) were added to refs/heads/dev by this push:
new 7eb19a9 [Bug] [core] Arbitrary file write during archive extraction
("Zip Slip") (#1583)
7eb19a9 is described below
commit 7eb19a971aea7cfac76feeccadffa35ce4e79845
Author: ChunFu Wu <[email protected]>
AuthorDate: Sat Mar 26 23:28:29 2022 +0800
[Bug] [core] Arbitrary file write during archive extraction ("Zip Slip")
(#1583)
---
.../src/main/java/org/apache/seatunnel/utils/CompressionUtils.java | 3 +++
1 file changed, 3 insertions(+)
diff --git
a/seatunnel-core/seatunnel-core-base/src/main/java/org/apache/seatunnel/utils/CompressionUtils.java
b/seatunnel-core/seatunnel-core-base/src/main/java/org/apache/seatunnel/utils/CompressionUtils.java
index bab7192..425102c 100644
---
a/seatunnel-core/seatunnel-core-base/src/main/java/org/apache/seatunnel/utils/CompressionUtils.java
+++
b/seatunnel-core/seatunnel-core-base/src/main/java/org/apache/seatunnel/utils/CompressionUtils.java
@@ -65,6 +65,9 @@ public final class CompressionUtils {
TarArchiveEntry entry = null;
while ((entry = (TarArchiveEntry) debInputStream.getNextEntry())
!= null) {
final File outputFile = new File(outputDir, entry.getName());
+ if
(!outputFile.toPath().normalize().startsWith(outputDir.toPath())) {
+ throw new IllegalStateException("Bad zip entry");
+ }
if (entry.isDirectory()) {
LOGGER.info("Attempting to write output directory {}.",
outputFile.getAbsolutePath());
if (!outputFile.exists()) {
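Review bot: The added containment check normalizes `outputFile` but compares it against `outputDir.toPath()` as given, so an `outputDir` spelled with `.` or `..` segments (including plain `.`) makes legitimate entries fail `startsWith`, and the guard's behaviour depends on how callers write the directory. Normalize both sides the same way, e.g. `final Path base = outputDir.toPath().toAbsolutePath().normalize();` followed by `if (!base.resolve(entry.getName()).normalize().startsWith(base)) {` (this needs `java.nio.file.Path` in scope). The message `"Bad zip entry"` is raised for a tar archive and omits the entry; something like `throw new IllegalStateException("Tar entry escapes output directory: " + entry.getName());` lets a rejected archive be traced in logs. Note also that `normalize()` is purely lexical and does not resolve symlinks. Whether link entries are ever materialized cannot be judged here, because the loop body continues outside the hunk.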