th555555:

Prevents Zip Slip attacks that could allow attackers to overwrite arbitrary files on the filesystem, potentially leading to code execution or system compromise.

th555555 added 2 commits July 31, 2025 00:29
Description: The ziputils method is vulnerable to Zip Slip attacks, allowing malicious ZIP files to extract files outside the intended directory through path traversal sequences like Downloads. This could lead to arbitrary file write vulnerabilities.

Changes:

Add path traversal validation using path.normalize().startsWith(outFolder.toPath().normalize())
Throw IOException when entries attempt to escape the target directory
Add parent directory creation for extracted files
Maintain existing functionality while preventing directory traversal attacks

Security Impact: Prevents Zip Slip attacks that could allow attackers to overwrite arbitrary files on the filesystem, potentially leading to code execution or system compromise.

References:
naver/ngrinder@700eb9f
https://cwe.mitre.org/data/definitions/22.html
Description
Fixes a critical security vulnerability where malicious ZIP files could write files outside the intended extraction directory (Zip Slip attack).

Changes
Added path traversal validation using canonical paths
Prevents extraction of entries that would write outside the target directory
Throws IOException for malicious zip entries attempting directory traversal
Security Impact
Prevents arbitrary file write attacks
Protects against malicious ZIP files containing path traversal sequences like Downloads
Maintains functionality while ensuring extracted files remain within the intended directory

References:
naver/ngrinder@700eb9f
https://cwe.mitre.org/data/definitions/22.html
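As an added example (not code from this PR or the project it patches), the containment check the description refers to, written out in Java: resolve each entry name against the output folder, normalize, then compare with `Path.startsWith`. The extraction folder and entry names are constructed for illustration, and a sibling-directory name is included to show why a component-wise `Path.startsWith` is used rather than a `String` prefix check.

```java
import java.io.IOException;
import java.nio.file.Path;
import java.nio.file.Paths;

public class ZipSlipCheck {
    // Resolve a ZIP entry name against the extraction folder and reject it
    // when the normalized result is not inside that folder. This mirrors the
    // PR's check, path.normalize().startsWith(outFolder.toPath().normalize()),
    // with toAbsolutePath() added so relative outFolder values behave the same.
    static Path safeResolve(Path outFolder, String entryName) throws IOException {
        Path root = outFolder.toAbsolutePath().normalize();
        Path target = root.resolve(entryName).normalize();
        // Path.startsWith compares whole path components: "/tmp/extract-evil"
        // does NOT start with "/tmp/extract", whereas the equivalent String
        // prefix test would wrongly accept it.
        if (!target.startsWith(root)) {
            throw new IOException("Zip entry escapes target directory: " + entryName);
        }
        return target;
    }

    public static void main(String[] args) {
        Path out = Paths.get("/tmp/extract"); // hypothetical extraction folder
        // Constructed entry names: one benign, three that try to leave the folder.
        String[] entries = {
            "docs/readme.txt",          // accepted: stays under /tmp/extract
            "../../outside.txt",        // rejected: normalizes to /outside.txt
            "/abs/outside.txt",         // rejected: absolute name replaces root
            "../extract-evil/x.txt"     // rejected: sibling dir with same prefix
        };
        for (String e : entries) {
            try {
                System.out.println("OK      " + e + " -> " + safeResolve(out, e));
            } catch (IOException ex) {
                System.out.println("REJECT  " + ex.getMessage());
            }
        }
    }
}
```

`normalize()` operates on the path text only and does not follow symbolic links, so a symlink already present inside the output folder is not detected by this check; extracting into a fresh, empty directory avoids that case.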
CLA Assistant Lite bot:
Thank you for your submission, we really appreciate it. Like many open-source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution. You can sign the CLA by posting a Pull Request comment in the same format as below.

> I have read the CLA Document and I hereby sign the CLA

You can retrigger this bot by commenting `recheck` in this Pull Request.

th555555 (Author):

I have read the CLA Document and I hereby sign the CLA

github-actions bot:

This PR is stale because it is related to an old version or it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

@github-actions github-actions bot added the Stale label Aug 30, 2025
@Redjaw Redjaw removed the Stale label Aug 30, 2025
github-actions bot:

This PR is stale because it is related to an old version or it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

@github-actions github-actions bot added the Stale label Sep 30, 2025
github-actions bot commented Oct 5, 2025

This PR was closed because it has been stalled for 5 days with no activity.

@github-actions github-actions bot closed this Oct 5, 2025
2 participants