Skip to content

S
spring-boot
Commit 2993e687 authored by trungPa's avatar trungPa Committed by Andy Wilkinson
Browse files
Options

Prevent extracting zip entries outside of destination path 

See gh-25505
parent da3920bd
Hide whitespace changes
Inline Side-by-side
Showing with 1 addition and 1 deletion
spring-boot-project/spring-boot-tools/spring-boot-jarmode-layertools/src/main/java/org/springframework/boot/jarmode/layertools/ExtractCommand.java
View file @ 2993e687
...@@ -88,7 +88,7 @@ class ExtractCommand extends Command { ...@@ -88,7 +88,7 @@ class ExtractCommand extends Command {
private void write(ZipInputStream zip, ZipEntry entry, File destination) throws IOException { private void write(ZipInputStream zip, ZipEntry entry, File destination) throws IOException {
String path = StringUtils.cleanPath(entry.getName()); String path = StringUtils.cleanPath(entry.getName());
File file = new File(destination, path); File file = new File(destination, path);
if (file.getAbsolutePath().startsWith(destination.getAbsolutePath())) { if (file.getCanonicalPath().startsWith(destination.getCanonicalPath() + File.separator)) {
mkParentDirs(file); mkParentDirs(file);
try (OutputStream out = new FileOutputStream(file)) { try (OutputStream out = new FileOutputStream(file)) {
StreamUtils.copy(zip, out); StreamUtils.copy(zip, out);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment