Mirrors/yuzu
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

android: Fix potential zip traversal exploit

Browse source
This commit is contained in:
Charles Lombardo 2023-05-01 01:02:41 -04:00 committed by bunnei
parent d1fb7ea58b
commit 3281dc597e
1 changed files with 9 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
src/android/app/src/main/java/org/yuzu/yuzu_emu/utils/GpuDriverHelper.kt
View file

@ -7,6 +7,7 @@ import android.content.Context
import android.net.Uri import android.net.Uri
import org.yuzu.yuzu_emu.NativeLibrary import org.yuzu.yuzu_emu.NativeLibrary
import org.yuzu.yuzu_emu.utils.FileUtil.copyUriToInternalStorage import org.yuzu.yuzu_emu.utils.FileUtil.copyUriToInternalStorage
import java.io.BufferedInputStream
import java.io.File import java.io.File
import java.io.FileInputStream import java.io.FileInputStream
import java.io.FileOutputStream import java.io.FileOutputStream
@ -28,12 +29,17 @@ object GpuDriverHelper {
if (!dir.exists()) dir.mkdirs() if (!dir.exists()) dir.mkdirs()
// Unpack the files. // Unpack the files.
val zis = ZipInputStream(FileInputStream(zipFilePath)) val inputStream = FileInputStream(zipFilePath)
val zis = ZipInputStream(BufferedInputStream(inputStream))
val buffer = ByteArray(1024) val buffer = ByteArray(1024)
var ze = zis.nextEntry var ze = zis.nextEntry
while (ze != null) { while (ze != null) {
val fileName = ze.name val newFile = File(destDir, ze.name)
val newFile = File(destDir + fileName) val canonicalPath = newFile.canonicalPath
if (!canonicalPath.startsWith(destDir + ze.name)) {
throw SecurityException("Zip file attempted path traversal! " + ze.name)
}
newFile.parentFile!!.mkdirs() newFile.parentFile!!.mkdirs()
val fos = FileOutputStream(newFile) val fos = FileOutputStream(newFile)
var len: Int var len: Int