summaryrefslogtreecommitdiffstats
path: root/openecomp-be/lib/openecomp-sdc-translator-lib
diff options
context:
space:
mode:
authorPiotr Krysiak <piotr.krysiak@nokia.com>2018-07-18 14:35:48 +0200
committerVitaly Emporopulo <Vitaliy.Emporopulo@amdocs.com>2018-07-23 17:00:21 +0000
commitf58e9a8c197ab342f6495e8becaf55876e479a01 (patch)
tree233b7d667bca456ce9eb9282d598f59153d452c5 /openecomp-be/lib/openecomp-sdc-translator-lib
parented6e278e9839432b0ac08a32554f95dad023eba2 (diff)
Fix zip-slip in openecomp-be
Issue-ID: SDC-1401 Change-Id: I92cf8184ab50cb1d3b1ba2f71eab8f5701e1ee57 Signed-off-by: Piotr Krysiak <piotr.krysiak@nokia.com>
Diffstat (limited to 'openecomp-be/lib/openecomp-sdc-translator-lib')
-rw-r--r--openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/src/main/java/org/openecomp/sdc/translator/utils/ResourceWalker.java2
1 files changed, 1 insertions, 1 deletions
diff --git a/openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/src/main/java/org/openecomp/sdc/translator/utils/ResourceWalker.java b/openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/src/main/java/org/openecomp/sdc/translator/utils/ResourceWalker.java
index e5993677cd..93a2290938 100644
--- a/openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/src/main/java/org/openecomp/sdc/translator/utils/ResourceWalker.java
+++ b/openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/src/main/java/org/openecomp/sdc/translator/utils/ResourceWalker.java
@@ -123,7 +123,7 @@ public class ResourceWalker {
return zipEntry -> {
String name = zipEntry.getName();
return (name.equals(resource) || name.startsWith(resource + "/"))
- && !zipEntry.isDirectory();
+ && !zipEntry.isDirectory() && !name.contains("../");
};
}
}