hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.7.5
codeql/java/ql/test/query-tests/security/CWE-022/semmle/tests/ZipTest.java
yo-h e194411cfa Java: fix javac errors in test code
2021-02-09 09:16:57 -05:00

64 lines
2.2 KiB
Java
Raw Permalink Blame History

import java.io.*;
import java.nio.file.*;
import java.util.zip.*;
public class ZipTest {
public void m1(ZipEntry entry, File dir) throws Exception {
String name = entry.getName();
File file = new File(dir, name);
FileOutputStream os = new FileOutputStream(file); // ZipSlip
RandomAccessFile raf = new RandomAccessFile(file, "rw"); // ZipSlip
FileWriter fw = new FileWriter(file); // ZipSlip
}
public void m2(ZipEntry entry, File dir) throws Exception {
String name = entry.getName();
File file = new File(dir, name);
File canFile = file.getCanonicalFile();
String canDir = dir.getCanonicalPath();
if (!canFile.toPath().startsWith(canDir))
throw new Exception();
FileOutputStream os = new FileOutputStream(file); // OK
}
public void m3(ZipEntry entry, File dir) throws Exception {
String name = entry.getName();
File file = new File(dir, name);
if (!file.toPath().normalize().startsWith(dir.toPath()))
throw new Exception();
FileOutputStream os = new FileOutputStream(file); // OK
}
private void validate(File tgtdir, File file) throws Exception {
File canFile = file.getCanonicalFile();
if (!canFile.toPath().startsWith(tgtdir.toPath()))
throw new Exception();
}
public void m4(ZipEntry entry, File dir) throws Exception {
String name = entry.getName();
File file = new File(dir, name);
validate(dir, file);
FileOutputStream os = new FileOutputStream(file); // OK
}
public void m5(ZipEntry entry, File dir) throws Exception {
String name = entry.getName();
File file = new File(dir, name);
Path absfile = file.toPath().toAbsolutePath().normalize();
Path absdir = dir.toPath().toAbsolutePath().normalize();
if (!absfile.startsWith(absdir))
throw new Exception();
FileOutputStream os = new FileOutputStream(file); // OK
}
public void m6(ZipEntry entry, Path dir) throws Exception {
String canonicalDest = dir.toFile().getCanonicalPath();
Path target = dir.resolve(entry.getName());
String canonicalTarget = target.toFile().getCanonicalPath();
if (!canonicalTarget.startsWith(canonicalDest + File.separator))
throw new Exception();
OutputStream os = Files.newOutputStream(target); // OK
}
}
Reference in New Issue View Git Blame Copy Permalink