Domů Procházet Nápověda
Přihlásit se
apache
/
hadoop
zrcadlo https://github.com/apache/hadoop.git
2
0
Rozštěpit 1
Soubory Úkoly 0 Wiki
Procházet zdrojové kódy

Additional check when unpacking archives. Contributed by Wilfred Spiegelenburg.

(cherry picked from commit e3236a9680709de7a95ffbc11b20e1bdc95a8605)
Kihwal Lee před 7 roky
rodič
a1fd04c4f4
revize
11a425d11a
2 změnil soubory, kde provedl 55 přidání a 1 odebrání
Jednotné zobrazení Ukázat statistiku rozdílových dat
  1. 10 0
      hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/RunJar.java
  2. 45 1
      hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestRunJar.java

+ 10 - 0
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/util/RunJar.java
Zobrazit soubor 

@@ -113,12 +113,17 @@ public class RunJar {
 
       throws IOException {
 
       throws IOException {
 
     try (JarInputStream jar = new JarInputStream(inputStream)) {
 
     try (JarInputStream jar = new JarInputStream(inputStream)) {
 
       int numOfFailedLastModifiedSet = 0;
 
       int numOfFailedLastModifiedSet = 0;
 
+      String targetDirPath = toDir.getCanonicalPath() + File.separator;
 
       for (JarEntry entry = jar.getNextJarEntry();
 
       for (JarEntry entry = jar.getNextJarEntry();
 
            entry != null;
 
            entry != null;
 
            entry = jar.getNextJarEntry()) {
 
            entry = jar.getNextJarEntry()) {
 
         if (!entry.isDirectory() &&
 
         if (!entry.isDirectory() &&
 
             unpackRegex.matcher(entry.getName()).matches()) {
 
             unpackRegex.matcher(entry.getName()).matches()) {
 
           File file = new File(toDir, entry.getName());
 
           File file = new File(toDir, entry.getName());
 
+          if (!file.getCanonicalPath().startsWith(targetDirPath)) {
 
+            throw new IOException("expanding " + entry.getName()
 
+                + " would create file outside of " + toDir);
 
+          }
 
           ensureDirectory(file.getParentFile());
 
           ensureDirectory(file.getParentFile());
 
           try (OutputStream out = new FileOutputStream(file)) {
 
           try (OutputStream out = new FileOutputStream(file)) {
 
             IOUtils.copyBytes(jar, out, BUFFER_SIZE);
 
             IOUtils.copyBytes(jar, out, BUFFER_SIZE);
 
@@ -178,6 +183,7 @@ public class RunJar {
 
       throws IOException {
 
       throws IOException {
 
     try (JarFile jar = new JarFile(jarFile)) {
 
     try (JarFile jar = new JarFile(jarFile)) {
 
       int numOfFailedLastModifiedSet = 0;
 
       int numOfFailedLastModifiedSet = 0;
 
+      String targetDirPath = toDir.getCanonicalPath() + File.separator;
 
       Enumeration<JarEntry> entries = jar.entries();
 
       Enumeration<JarEntry> entries = jar.entries();
 
       while (entries.hasMoreElements()) {
 
       while (entries.hasMoreElements()) {
 
         final JarEntry entry = entries.nextElement();
 
         final JarEntry entry = entries.nextElement();
 
@@ -185,6 +191,10 @@ public class RunJar {
 
             unpackRegex.matcher(entry.getName()).matches()) {
 
             unpackRegex.matcher(entry.getName()).matches()) {
 
           try (InputStream in = jar.getInputStream(entry)) {
 
           try (InputStream in = jar.getInputStream(entry)) {
 
             File file = new File(toDir, entry.getName());
 
             File file = new File(toDir, entry.getName());
 
+            if (!file.getCanonicalPath().startsWith(targetDirPath)) {
 
+              throw new IOException("expanding " + entry.getName()
 
+                  + " would create file outside of " + toDir);
 
+            }
 
             ensureDirectory(file.getParentFile());
 
             ensureDirectory(file.getParentFile());
 
             try (OutputStream out = new FileOutputStream(file)) {
 
             try (OutputStream out = new FileOutputStream(file)) {
 
               IOUtils.copyBytes(in, out, BUFFER_SIZE);
 
               IOUtils.copyBytes(in, out, BUFFER_SIZE);

+ 45 - 1
hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/util/TestRunJar.java
Zobrazit soubor 

@@ -17,9 +17,12 @@
 
  */
 
  */
 
 package org.apache.hadoop.util;
 
 package org.apache.hadoop.util;
 
 
 
+import static org.apache.hadoop.util.RunJar.MATCH_ANY;
 
 import static org.junit.Assert.assertEquals;
 
 import static org.junit.Assert.assertEquals;
 
 import static org.junit.Assert.assertFalse;
 
 import static org.junit.Assert.assertFalse;
 
 import static org.junit.Assert.assertTrue;
 
 import static org.junit.Assert.assertTrue;
 
+import static org.junit.Assert.fail;
 
+import static org.mockito.Matchers.any;
 
 import static org.mockito.Mockito.spy;
 
 import static org.mockito.Mockito.spy;
 
 import static org.mockito.Mockito.when;
 
 import static org.mockito.Mockito.when;
 
 
 
@@ -28,6 +31,7 @@ import java.io.FileInputStream;
 
 import java.io.FileOutputStream;
 
 import java.io.FileOutputStream;
 
 import java.io.IOException;
 
 import java.io.IOException;
 
 import java.io.InputStream;
 
 import java.io.InputStream;
 
+import java.nio.charset.StandardCharsets;
 
 import java.util.Random;
 
 import java.util.Random;
 
 import java.util.jar.JarEntry;
 
 import java.util.jar.JarEntry;
 
 import java.util.jar.JarOutputStream;
 
 import java.util.jar.JarOutputStream;
 
@@ -222,4 +226,44 @@ public class TestRunJar {
 
     runJar.run(args);
 
     runJar.run(args);
 
     // it should not throw an exception
 
     // it should not throw an exception
 
   }
 
   }
 
-}
 
+
 
+  @Test
 
+  public void testUnJar2() throws IOException {
 
+    // make a simple zip
 
+    File jarFile = new File(TEST_ROOT_DIR, TEST_JAR_NAME);
 
+    JarOutputStream jstream =
 
+        new JarOutputStream(new FileOutputStream(jarFile));
 
+    JarEntry je = new JarEntry("META-INF/MANIFEST.MF");
 
+    byte[] data = "Manifest-Version: 1.0\nCreated-By: 1.8.0_1 (Manual)"
 
+        .getBytes(StandardCharsets.UTF_8);
 
+    je.setSize(data.length);
 
+    jstream.putNextEntry(je);
 
+    jstream.write(data);
 
+    jstream.closeEntry();
 
+    je = new JarEntry("../outside.path");
 
+    data = "any data here".getBytes(StandardCharsets.UTF_8);
 
+    je.setSize(data.length);
 
+    jstream.putNextEntry(je);
 
+    jstream.write(data);
 
+    jstream.closeEntry();
 
+    jstream.close();
 
+
 
+    File unjarDir = getUnjarDir("unjar-path");
 
+
 
+    // Unjar everything
 
+    try {
 
+      RunJar.unJar(jarFile, unjarDir, MATCH_ANY);
 
+      fail("unJar should throw IOException.");
 
+    } catch (IOException e) {
 
+      GenericTestUtils.assertExceptionContains(
 
+          "would create file outside of", e);
 
+    }
 
+    try {
 
+      RunJar.unJar(new FileInputStream(jarFile), unjarDir, MATCH_ANY);
 
+      fail("unJar should throw IOException.");
 
+    } catch (IOException e) {
 
+      GenericTestUtils.assertExceptionContains(
 
+          "would create file outside of", e);
 
+    }
 
+  }
 
+}