hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-522-DecompressionBombs/unzip.js
amammad 5a49f6bb9b fix tests
2023-10-06 22:10:57 +02:00

26 lines
717 B
JavaScript
Raw Blame History

const unzip = require("unzip");
const { createWriteStream } = require("fs");
const express = require('express')
const fileUpload = require("express-fileupload");
const { Readable } = require("stream");
const app = express();
app.use(fileUpload());
app.listen(3000, () => {
});
app.post('/upload', async (req, res) => {
const InputStream = Readable.from(req.files.ZipFile.data);
InputStream.pipe(unzip.Parse())
.on('entry', function (entry) {
if (entry.uncompressedSize > 1024) {
throw "uncompressed size exceed"
}
});
let writeStream = createWriteStream('output/path');
InputStream
.pipe(unzip.Parse())
.pipe(writeStream)
});
Reference in New Issue View Git Blame Copy Permalink