Additional check when unpacking archives. Contributed by Wilfred Spiegelenburg.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/9be6030c Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/9be6030c Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/9be6030c Branch: refs/heads/HDDS-48 Commit: 9be6030c09544fbba9e03e734ac2c9a1ec095357 Parents: 11f1bc7 Author: Kihwal Lee <kih...@apache.org> Authored: Tue May 29 14:15:12 2018 -0500 Committer: Hanisha Koneru <hanishakon...@apache.org> Committed: Wed May 30 14:00:26 2018 -0700 ---------------------------------------------------------------------- .../java/org/apache/hadoop/util/RunJar.java | 10 +++++ .../java/org/apache/hadoop/util/TestRunJar.java | 42 ++++++++++++++++++++ 2 files changed, 52 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/9be6030c/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/RunJar.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/RunJar.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/RunJar.java index f1b643c..4c94dbc 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/RunJar.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/RunJar.java @@ -117,12 +117,17 @@ public class RunJar { throws IOException { try (JarInputStream jar = new JarInputStream(inputStream)) { int numOfFailedLastModifiedSet = 0; + String targetDirPath = toDir.getCanonicalPath() + File.separator; for (JarEntry entry = jar.getNextJarEntry(); entry != null; entry = jar.getNextJarEntry()) { if (!entry.isDirectory() && unpackRegex.matcher(entry.getName()).matches()) { File file = new File(toDir, entry.getName()); + if (!file.getCanonicalPath().startsWith(targetDirPath)) { + throw new IOException("expanding " + entry.getName() + + " would create file outside of " + toDir); + } ensureDirectory(file.getParentFile()); try (OutputStream out = new FileOutputStream(file)) { IOUtils.copyBytes(jar, out, BUFFER_SIZE); @@ -182,6 +187,7 @@ public class RunJar { throws IOException { try (JarFile jar = new JarFile(jarFile)) { int numOfFailedLastModifiedSet = 0; + String targetDirPath = toDir.getCanonicalPath() + File.separator; Enumeration<JarEntry> entries = jar.entries(); while (entries.hasMoreElements()) { final JarEntry entry = entries.nextElement(); @@ -189,6 +195,10 @@ public class RunJar { unpackRegex.matcher(entry.getName()).matches()) { try (InputStream in = jar.getInputStream(entry)) { File file = new File(toDir, entry.getName()); + if (!file.getCanonicalPath().startsWith(targetDirPath)) { + throw new IOException("expanding " + entry.getName() + + " would create file outside of " + toDir); + } ensureDirectory(file.getParentFile()); try (OutputStream out = new FileOutputStream(file)) { IOUtils.copyBytes(in, out, BUFFER_SIZE); http://git-wip-us.apache.org/repos/asf/hadoop/blob/9be6030c/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestRunJar.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestRunJar.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestRunJar.java index ea07b97..a8c27d4 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestRunJar.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestRunJar.java @@ -21,6 +21,7 @@ import static org.apache.hadoop.util.RunJar.MATCH_ANY; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; import static org.mockito.Matchers.any; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.times; @@ -32,6 +33,7 @@ import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; +import java.nio.charset.StandardCharsets; import java.util.Random; import java.util.jar.JarEntry; import java.util.jar.JarOutputStream; @@ -255,4 +257,44 @@ public class TestRunJar { // it should not throw an exception verify(runJar, times(0)).unJar(any(File.class), any(File.class)); } + + @Test + public void testUnJar2() throws IOException { + // make a simple zip + File jarFile = new File(TEST_ROOT_DIR, TEST_JAR_NAME); + JarOutputStream jstream = + new JarOutputStream(new FileOutputStream(jarFile)); + JarEntry je = new JarEntry("META-INF/MANIFEST.MF"); + byte[] data = "Manifest-Version: 1.0\nCreated-By: 1.8.0_1 (Manual)" + .getBytes(StandardCharsets.UTF_8); + je.setSize(data.length); + jstream.putNextEntry(je); + jstream.write(data); + jstream.closeEntry(); + je = new JarEntry("../outside.path"); + data = "any data here".getBytes(StandardCharsets.UTF_8); + je.setSize(data.length); + jstream.putNextEntry(je); + jstream.write(data); + jstream.closeEntry(); + jstream.close(); + + File unjarDir = getUnjarDir("unjar-path"); + + // Unjar everything + try { + RunJar.unJar(jarFile, unjarDir, MATCH_ANY); + fail("unJar should throw IOException."); + } catch (IOException e) { + GenericTestUtils.assertExceptionContains( + "would create file outside of", e); + } + try { + RunJar.unJar(new FileInputStream(jarFile), unjarDir, MATCH_ANY); + fail("unJar should throw IOException."); + } catch (IOException e) { + GenericTestUtils.assertExceptionContains( + "would create file outside of", e); + } + } } \ No newline at end of file --------------------------------------------------------------------- To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-commits-h...@hadoop.apache.org