Upstream/bentobox
1
0
Fork 0
mirror of https://github.com/BentoBoxWorld/BentoBox.git synced 2025-01-23 16:41:42 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2319 from BentoBoxWorld/better_blueprint_unzip_security

Browse Source 
Uses path normalization to prevent directory traversal attacks.
This commit is contained in:
tastybento 2024-03-10 11:50:16 -07:00 committed by GitHub
commit 1c4be17690
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/main/java/world/bentobox/bentobox/managers/BlueprintClipboardManager.java
View File

@ -214,8 +214,11 @@ public class BlueprintClipboardManager {
}
private void unzipFiles(final ZipInputStream zipInputStream, final Path unzipFilePath) throws IOException {
if (!unzipFilePath.toFile().getCanonicalPath().startsWith(blueprintFolder.getCanonicalPath())) {
throw new IOException("Entry is outside of the target directory");
// Prevent directory traversal attacks by normalizing the path
if (!unzipFilePath.startsWith(blueprintFolder.getCanonicalFile().toPath().normalize())) {
throw new IOException(
"Blueprint file is trying to write outside of the target directory! Blocked attempt to write to "
+ unzipFilePath.toString());
}
try (BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(unzipFilePath.toFile().getCanonicalPath()))) {
byte[] bytesIn = new byte[1024];