From 422845e61d8dd507d7cf2e3b0f34dc2fb8811820 Mon Sep 17 00:00:00 2001
From: rhckrtu <169907063+rhckrtu@users.noreply.github.com>
Date: Fri, 30 Aug 2024 23:19:14 +0200
Subject: [PATCH] Make sure files only get extracted within the specified
 destination to avoid the Zip Slip vulnerability

---
 src/main/java/org/myrobotlab/io/Zip.java | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/main/java/org/myrobotlab/io/Zip.java b/src/main/java/org/myrobotlab/io/Zip.java
index c00666dc41..da96ce4ac6 100644
--- a/src/main/java/org/myrobotlab/io/Zip.java
+++ b/src/main/java/org/myrobotlab/io/Zip.java
@@ -229,12 +229,23 @@ static public void unzip(String zipFile, String newPath) throws ZipException, IO
     new File(newPath).mkdir();
     Enumeration<?> zipFileEntries = zip.entries();
 
+    File canonicalNewPath = new File(newPath).getCanonicalFile();
+
     // Process each entry
     while (zipFileEntries.hasMoreElements()) {
       // grab a zip file entry
       ZipEntry entry = (ZipEntry) zipFileEntries.nextElement();
       String currentEntry = entry.getName();
       File destFile = new File(newPath, currentEntry);
+        
+      // Canonicalize the destination file path
+      File canonicalDestFile = destFile.getCanonicalFile();
+
+      // Check if the canonical destination path starts with the canonical newPath
+      if (!canonicalDestFile.getPath().startsWith(canonicalNewPath.getPath())) {
+        throw new IOException("Attempt to write outside of the target directory: " + currentEntry);
+      }
+
       // destFile = new File(newPath, destFile.getName());
       File destinationParent = destFile.getParentFile();