修复压缩文件目录穿越漏洞

922e1e6a · 陈精华 · 79341b2c · 922e1e6a
Commit 922e1e6a authored Jun 23, 2021 by 陈精华
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

CompressFileReader.java ...r/src/main/java/cn/keking/service/CompressFileReader.java +2 -2

No files found.
--- a/server/src/main/java/cn/keking/service/CompressFileReader.java
+++ b/server/src/main/java/cn/keking/service/CompressFileReader.java
@@ -55,7 +55,7 @@ public class CompressFileReader {
            List<Map<String, ZipArchiveEntry>> entriesToBeExtracted = new LinkedList<>();
            while (entries.hasMoreElements()) {
                ZipArchiveEntry entry = entries.nextElement();
-                String fullName = entry.getName();
+                String fullName = entry.getName().replaceAll("//", "").replaceAll("\\\\", "");
                int level = fullName.split(archiveSeparator).length;
                // 展示名
                String originName = getLastFileName(fullName, archiveSeparator);
@@ -151,7 +151,7 @@ public class CompressFileReader {
            List<Map<String, SevenZArchiveEntry>> entriesToBeExtracted = new ArrayList<>();
            while (newEntries.hasMoreElements()) {
                SevenZArchiveEntry entry = newEntries.nextElement();
-                String fullName = entry.getName();
+                String fullName = entry.getName().replaceAll("//", "").replaceAll("\\\\", "");
                int level = fullName.split(archiveSeparator).length;
                // 展示名
                String originName = getLastFileName(fullName, archiveSeparator);