Fix Zip Slip #950
Conversation
Description: The ziputils method is vulnerable to Zip Slip attacks, allowing malicious ZIP files to extract files outside the intended directory through path traversal sequences like Downloads. This could lead to arbitrary file write vulnerabilities. Changes: Add path traversal validation using path.normalize().startsWith(outFolder.toPath().normalize()) Throw IOException when entries attempt to escape the target directory Add parent directory creation for extracted files Maintain existing functionality while preventing directory traversal attacks Security Impact: Prevents Zip Slip attacks that could allow attackers to overwrite arbitrary files on the filesystem, potentially leading to code execution or system compromise. References: naver/ngrinder@700eb9f https://cwe.mitre.org/data/definitions/22.html
Description Fixes a critical security vulnerability where malicious ZIP files could write files outside the intended extraction directory (Zip Slip attack). Changes Added path traversal validation using canonical paths Prevents extraction of entries that would write outside the target directory Throws IOException for malicious zip entries attempting directory traversal Security Impact Prevents arbitrary file write attacks Protects against malicious ZIP files containing path traversal sequences like Downloads Maintains functionality while ensuring extracted files remain within the intended directory References: naver/ngrinder@700eb9f https://cwe.mitre.org/data/definitions/22.html
|
CLA Assistant Lite bot: I have read the CLA Document and I hereby sign the CLA You can retrigger this bot by commenting recheck in this Pull Request |
|
I have read the CLA Document and I hereby sign the CLA |
|
This PR is stale because it is related to an old version or it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days. |
|
This PR is stale because it is related to an old version or it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days. |
|
This PR was closed because it has been stalled for 5 days with no activity. |
Prevents Zip Slip attacks that could allow attackers to overwrite arbitrary files on the filesystem, potentially leading to code execution or system compromise.