[jenkinsci/jenkins] e7cc06: handle absolute paths correctly when unzipping

Mon, 08 Apr 2019 12:51:22 -0700 

  Branch: refs/heads/master
  Home:   https://github.com/jenkinsci/jenkins
  Commit: e7cc06e7458303913498779af2c2fa3353f4dab1
      
https://github.com/jenkinsci/jenkins/commit/e7cc06e7458303913498779af2c2fa3353f4dab1
  Author: aviadatsnyk <av...@snyk.io>
  Date:   2018-05-08 (Tue, 08 May 2018)

  Changed paths:
    M core/src/main/java/hudson/FilePath.java

  Log Message:
  -----------
  handle absolute paths correctly when unzipping

When checking that an unzipped file does not break out of the target directory 
- this handles '..' in absolute paths correctly, where the previous 
implementation might not.


  Commit: 36ab43f6af38b948bac878cbc909d17e57210467
      
https://github.com/jenkinsci/jenkins/commit/36ab43f6af38b948bac878cbc909d17e57210467
  Author: Wadeck Follonier <wadeck.follon...@gmail.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M test/src/test/java/hudson/FilePathTest.java
    A 
test/src/test/resources/hudson/FilePathTest/zip_with_relative/zip-rel-one-up.zip
    A 
test/src/test/resources/hudson/FilePathTest/zip_with_relative/zip-slip-win.zip
    A test/src/test/resources/hudson/FilePathTest/zip_with_relative/zip-slip.zip
    A 
test/src/test/resources/hudson/FilePathTest/zip_with_relative/zip-with-folder.zip

  Log Message:
  -----------
  Add tests (also for #3402)


  Commit: 58dfce4b1cce1e4cb88bec81b62583e2decc2f44
      
https://github.com/jenkinsci/jenkins/commit/58dfce4b1cce1e4cb88bec81b62583e2decc2f44
  Author: Baptiste Mathus <bmat...@gmail.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M core/src/main/java/hudson/FilePath.java
    M test/src/test/java/hudson/FilePathTest.java
    A 
test/src/test/resources/hudson/FilePathTest/zip_with_relative/zip-rel-one-up.zip
    A 
test/src/test/resources/hudson/FilePathTest/zip_with_relative/zip-slip-win.zip
    A test/src/test/resources/hudson/FilePathTest/zip_with_relative/zip-slip.zip
    A 
test/src/test/resources/hudson/FilePathTest/zip_with_relative/zip-with-folder.zip

  Log Message:
  -----------
  Merge pull request #3425 from aviadatsnyk/patch-1

[JENKINS-56931] handle absolute paths correctly when unzipping


Compare: 
https://github.com/jenkinsci/jenkins/compare/e57d7a5bdf83...58dfce4b1cce

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-commits+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to