Merge pull request wixtoolset#497 from firegiant/6075-zip-slip
Prevent Zip Slip when using ArchiveFileStreamContext to decompress
robmen authored Sep 15, 2019
2 parents d67a5ce + a557176 commit c80057f
Showing 2 changed files with 13 additions and 0 deletions.
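--- a/history/zipslip.md
+++ b/history/zipslip.md
@@ -0,0 +1 @@
+* RobMen: WIXBUG:6075 - Fix "Zip Slip" vulnerability in DTF.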
12 changes: 12 additions & 0 deletions src/DTF/Libraries/Compression/ArchiveFileStreamContext.cs
@@ -638,6 +638,8 @@ private string TranslateFilePath(string path)

if (filePath != null)
{
this.ValidateArchivePath(filePath);

if (this.directory != null)
{
filePath = Path.Combine(this.directory, filePath);
@@ -647,6 +649,16 @@ private string TranslateFilePath(string path)
return filePath;
}

private void ValidateArchivePath(string filePath)
{
string basePath = Path.GetFullPath(String.IsNullOrEmpty(this.directory) ? Environment.CurrentDirectory : this.directory);
string path = Path.GetFullPath(Path.Combine(basePath, filePath));
if (!path.StartsWith(basePath, StringComparison.InvariantCultureIgnoreCase))
{
throw new InvalidDataException("Archive cannot contain files with absolute or traversal paths.");
}
}

#endregion
}
}
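Review bot: The containment test in ValidateArchivePath compares `path` against `basePath` as a plain string prefix with no trailing directory separator, so a resolved path in a sibling directory whose name merely begins with the base directory's name would still pass. Normalising the base before the comparison closes that gap: `if (!basePath.EndsWith(Path.DirectorySeparatorChar.ToString(), StringComparison.Ordinal)) basePath += Path.DirectorySeparatorChar;`. The comparison is also culture-sensitive; for file-system paths `StringComparison.OrdinalIgnoreCase` is a safer choice than `InvariantCultureIgnoreCase`, and on a case-sensitive file system ignoring case may be more permissive than intended. A short comment on the method noting that the base falls back to `Environment.CurrentDirectory` when `this.directory` is unset would help the next reader; TranslateFilePath itself starts outside the visible hunk.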
