The-Homebrew-Cloud/dolphin
2
0
Fork 0
mirror of https://github.com/dolphin-emu/dolphin.git synced 2025-01-24 06:51:17 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10425 from JosJuice/android-import-path-traversal

Browse Source 
Android: Fix path traversal when importing user data
This commit is contained in:
JMC47 2022-02-01 04:18:33 -05:00 committed by GitHub
commit 5e59561637
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Source/Android/app/src/main/java/org/dolphinemu/dolphinemu/activities/UserDataActivity.java
View File

@ -19,6 +19,7 @@ import androidx.appcompat.app.AppCompatActivity;
import org.dolphinemu.dolphinemu.R; import org.dolphinemu.dolphinemu.R;
import org.dolphinemu.dolphinemu.utils.DirectoryInitialization; import org.dolphinemu.dolphinemu.utils.DirectoryInitialization;
import org.dolphinemu.dolphinemu.utils.Log;
import org.dolphinemu.dolphinemu.utils.ThreadUtil; import org.dolphinemu.dolphinemu.utils.ThreadUtil;
import java.io.File; import java.io.File;
@ -185,6 +186,7 @@ public class UserDataActivity extends AppCompatActivity
try (ZipInputStream zis = new ZipInputStream(is)) try (ZipInputStream zis = new ZipInputStream(is))
{ {
File userDirectory = new File(DirectoryInitialization.getUserDirectory()); File userDirectory = new File(DirectoryInitialization.getUserDirectory());
String userDirectoryCanonicalized = userDirectory.getCanonicalPath() + '/';
sMustRestartApp = true; sMustRestartApp = true;
deleteChildrenRecursively(userDirectory); deleteChildrenRecursively(userDirectory);
@ -198,6 +200,12 @@ public class UserDataActivity extends AppCompatActivity
File destFile = new File(userDirectory, ze.getName()); File destFile = new File(userDirectory, ze.getName());
File destDirectory = ze.isDirectory() ? destFile : destFile.getParentFile(); File destDirectory = ze.isDirectory() ? destFile : destFile.getParentFile();
if (!destFile.getCanonicalPath().startsWith(userDirectoryCanonicalized))
{
Log.error("Zip file attempted path traversal! " + ze.getName());
return R.string.user_data_import_failure;
}
if (!destDirectory.isDirectory() && !destDirectory.mkdirs()) if (!destDirectory.isDirectory() && !destDirectory.mkdirs())
{ {
throw new IOException("Failed to create directory " + destDirectory); throw new IOException("Failed to create directory " + destDirectory);