Fix Zip Slip Vulnerability in unzipToDir Method

The `unzipToDir` method in the utility class is vulnerable to a Zip Slip attack. This vulnerability allows an attacker to craft a malicious ZIP file with entries containing path traversal sequences (e.g., "../") that can write files outside the intended destination directory when extracted.

## Security Impact
- **Before:** An attacker could craft a malicious ZIP archive that writes files anywhere on the filesystem
- **After:** Extraction is limited to the specified destination directory, preventing path traversal attacks

Reference
acbe05349d
https://cwe.mitre.org/data/definitions/22.html
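The containment check below is an added illustration of the Zip Slip defence described in this commit; it is not the project's `ZipUtils` code. The class and method names (`ZipSlipCheck`, `isInsideDestination`) and the sample entry names are assumed for the example. It canonicalizes both the destination directory and the resolved entry path before the `startsWith` comparison, so a destination passed as a relative or non-normalized path is handled consistently.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

public class ZipSlipCheck {

    // Returns true only if entryName, resolved against destDir, still lies inside
    // destDir. Both sides are made absolute and normalized so the component-wise
    // Path.startsWith comparison is between canonical forms. (Assumed helper name.)
    public static boolean isInsideDestination(Path destDir, String entryName) {
        Path base = destDir.toAbsolutePath().normalize();
        // resolve() replaces the base entirely when entryName is absolute,
        // so absolute entries are rejected by the same startsWith test.
        Path target = base.resolve(entryName).normalize();
        return target.startsWith(base);
    }

    public static void main(String[] args) {
        // Constructed sample entries: two legitimate, three traversal attempts.
        Path dest = Paths.get("out");
        String[] entries = {
            "docs/readme.txt",      // allowed
            "out2/x.txt",           // allowed: a sub-directory named "out2" inside dest
            "../evil.txt",          // rejected: escapes one level up
            "a/../../evil.txt",     // rejected: traversal hidden behind a normal segment
            "/etc/passwd"           // rejected: absolute entry name
        };
        for (String e : entries) {
            System.out.println(e + " -> " + (isInsideDestination(dest, e) ? "allowed" : "rejected"));
        }
    }
}
```

`Path.startsWith` compares whole path components, so a destination of `out` does not accidentally accept an entry that normalizes to a sibling such as `out-other/x`. The check does not resolve symbolic links; if the destination tree may contain symlinks, compare `toRealPath()` results instead.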
teresa 2025-06-03 17:58:43 +08:00
parent 210e016b99
commit 05c88a17e9


@ -104,6 +104,10 @@ public class ZipUtils {
int count; int count;
while ((entry = zipStream.getNextEntry()) != null) { while ((entry = zipStream.getNextEntry()) != null) {
File file = new File(dir, entry.getName()); File file = new File(dir, entry.getName());
if (!file.toPath().normalize().startsWith(dir.toPath())) {
throw new SecurityException("ZIP entry contains path traversal attempt: " + entry.getName());
}
if (entry.isDirectory()) { if (entry.isDirectory()) {
file.mkdirs(); file.mkdirs();
} else { } else {
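Review bot: the two sides of the new check are not in the same form: the entry side is normalized (`file.toPath().normalize()`) but the destination side is the raw `dir.toPath()`. If `dir` is passed as a relative or non-normalized path (one containing `..` or `.` segments), `startsWith` fails for every entry and legitimate archives are rejected with the new `SecurityException`. Suggest canonicalizing both sides before comparing, e.g. `Path base = dir.toPath().toAbsolutePath().normalize();` and `Path target = base.resolve(entry.getName()).normalize();` with `if (!target.startsWith(base))`, and then using `target.toFile()` for the subsequent `mkdirs()`/write so the checked path is the one actually written. Note also that `normalize()` does not resolve symbolic links; if symlinks inside the destination are a concern, compare `toRealPath()` of the parent directory instead.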