
Commit a380eb9

committed
add zip path traversal vulnerability check for zip decompression
1 parent 4caf77b commit a380eb9

2 files changed

Lines changed: 7 additions & 1 deletion


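--- a/app/build.gradle
+++ b/app/build.gradle
@@ -78,7 +78,7 @@ android {
 }
 
 dependencies {
-implementation 'com.github.fatihergin:Simple-Commons:fe7a01274a' // TODO: do not replace it with SimpleMobileTools
+implementation 'com.github.SimpleMobileTools:Simple-Commons:d1629c7f1a'
 implementation 'com.github.tibbi:AndroidPdfViewer:e6a533125b'
 implementation 'com.github.Stericson:RootTools:df729dcb13'
 implementation 'com.github.Stericson:RootShell:1.6'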
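Review bot: The new `Simple-Commons` line drops the comment `// TODO: do not replace it with SimpleMobileTools` while making exactly that replacement, and nothing in the commit says why the earlier constraint no longer holds. Whether upstream commit `d1629c7f1a` contains what the fork was pinned for is not visible here, so a short comment on the new line would help, for example `// upstream now carries <what the fork provided>; pinned to a reviewed commit`. Because the artifact now comes from a different repository owner and is identified only by an abbreviated commit id, consider enabling Gradle dependency verification so the resolved artifact is checked against a recorded checksum.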

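--- a/app/src/main/kotlin/com/simplemobiletools/filemanager/pro/activities/DecompressActivity.kt
+++ b/app/src/main/kotlin/com/simplemobiletools/filemanager/pro/activities/DecompressActivity.kt
@@ -19,6 +19,7 @@ import net.lingala.zip4j.exception.ZipException.Type
 import net.lingala.zip4j.io.inputstream.ZipInputStream
 import net.lingala.zip4j.model.LocalFileHeader
 import java.io.BufferedInputStream
+import java.io.File
 
 class DecompressActivity : SimpleActivity() {
 companion object {
@@ -145,6 +146,11 @@ class DecompressActivity : SimpleActivity() {
 continue
 }
 
+val isVulnerableForZipPathTraversal = !File(newPath).canonicalPath.startsWith(parent)
+if (isVulnerableForZipPathTraversal) {
+continue
+}
+
 val fos = getFileOutputStreamSync(newPath, newPath.getMimeType())
 var count: Int
 while (true) {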
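Review bot: The guard `File(newPath).canonicalPath.startsWith(parent)` is a plain string-prefix test, so an entry that resolves into a sibling directory sharing the prefix (parent `…/out`, resolved path `…/out-other/x`) still passes. `parent` is also compared as-is rather than in canonical form. Comparing both sides canonically with a trailing separator closes that gap: `val canonicalParent = File(parent).canonicalPath + File.separator` followed by `if (!File(newPath).canonicalPath.startsWith(canonicalParent)) continue`. The rejected entry is skipped silently, so a log line or a user-visible message would make a tampered archive noticeable. How `parent` and `newPath` are built is outside the hunk, as are the start and end of the enclosing loop, so confirm that nothing is created on disk from the entry name before this check runs.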
