Fix zip traversal vulnerability
Following the solution proposed in MobileChromeApps#92 (comment)
lauralujan committed Feb 10, 2022
1 parent 977b57d commit 68725df
Showing 1 changed file with 8 additions and 0 deletions.
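--- a/src/android/Zip.java
+++ b/src/android/Zip.java
@@ -126,6 +126,14 @@ private void unzipSync(CordovaArgs args, CallbackContext callbackContext) {
 dir.mkdirs();
 } else {
 File file = new File(outputDirectory + compressedName);
+String canonicalDestinationPath = (new File(outputDirectory)).getCanonicalPath();
+String canonicalPath = file.getCanonicalPath();
+if (!canonicalPath.startsWith(canonicalDestinationPath)) {
+String errorMessage = "Zip traversal security error";
+callbackContext.error(errorMessage);
+Log.e(LOG_TAG, errorMessage);
+return;
+}
 file.getParentFile().mkdirs();
 if(file.exists() || file.createNewFile()){
 Log.w("Zip", "extracting: " + file.getPath());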
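Review bot: The `startsWith` comparison in the added check is a plain string-prefix test, and `getCanonicalPath()` returns the destination without a trailing separator, so an entry that resolves into a sibling directory whose name merely begins with the destination's name (constructed example: destination `/data/out`, resolved entry `/data/out-other/f`) still passes. Compare against the directory boundary instead: `if (!canonicalPath.startsWith(canonicalDestinationPath + File.separator)) {`. The check also sits only in the `else` branch, so the `dir.mkdirs()` call for directory entries just above it appears to run without validation; that branch begins outside the hunk, so confirm this and move the canonical-path check ahead of the `if`. `unzipSync` starts and ends outside the hunk, so whether the early `return` leaves the zip streams for a `finally` to close cannot be seen from here.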
