From 1cffa0923a4fcb46b1aceb7f9b50356c8c729891 Mon Sep 17 00:00:00 2001 From: Jonathan Platt Date: Mon, 19 Jul 2021 12:20:41 -0400 Subject: Fix zip slip vulnerability (CCSDK-3376) Check and enforce canonical destination path of new file to resolve zip slip vulnerability in 'DaeximOffsiteBackupProvider.java' Issue-ID: CCSDK-3376 Signed-off-by: Jonathan Platt Change-Id: I249752d7a8bb1a8075502b5130f94c32986ab8ee --- .../northbound/daeximoffsitebackup/DaeximOffsiteBackupProvider.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/northbound/daexim-offsite-backup/provider/src/main/java/org/onap/ccsdk/sli/northbound/daeximoffsitebackup/DaeximOffsiteBackupProvider.java b/northbound/daexim-offsite-backup/provider/src/main/java/org/onap/ccsdk/sli/northbound/daeximoffsitebackup/DaeximOffsiteBackupProvider.java index 3d32c7d74..8abefb719 100755 --- a/northbound/daexim-offsite-backup/provider/src/main/java/org/onap/ccsdk/sli/northbound/daeximoffsitebackup/DaeximOffsiteBackupProvider.java +++ b/northbound/daexim-offsite-backup/provider/src/main/java/org/onap/ccsdk/sli/northbound/daeximoffsitebackup/DaeximOffsiteBackupProvider.java @@ -333,6 +333,10 @@ public class DaeximOffsiteBackupProvider implements AutoCloseable, DaeximOffsite while(zipEntry != null){ String fileName = zipEntry.getName(); File newFile = new File(DAEXIM_DIR + fileName); + // To remediate zip slip vulnerability, ensure file has the expected canonical path + if (!newFile.getCanonicalPath().startsWith(DAEXIM_DIR)) { + throw new IOException("Entry is outside of the target directory"); + } FileOutputStream fos = new FileOutputStream(newFile); int len; while ((len = zis.read(bytes)) > 0) { -- cgit 1.2.3-korg