Try fix safezip for google play

2022-01-19 21:29:35 +08:00 · 2022-01-19 21:29:35 +08:00 · 3ebf6e95c9
commit 3ebf6e95c9
parent 2ae4180840
2 changed files with 8 additions and 36 deletions
--- a/android/src/main/java/cn/reactnative/modules/update/SafeZipFile.java
+++ b/android/src/main/java/cn/reactnative/modules/update/SafeZipFile.java
@ -16,40 +16,6 @@ public class SafeZipFile extends ZipFile {
        super(file);
    }

-    @Override
-    public Enumeration<? extends ZipEntry> entries() {
-        return new SafeZipEntryIterator(super.entries());
-    }
-
-    private static class SafeZipEntryIterator implements Enumeration<ZipEntry> {
-
-        final private Enumeration<? extends ZipEntry> delegate;
-
-        private SafeZipEntryIterator(Enumeration<? extends ZipEntry> delegate) {
-            this.delegate = delegate;
-        }
-
-        @Override
-        public boolean hasMoreElements() {
-            return delegate.hasMoreElements();
-        }
-
-        @Override
-        public ZipEntry nextElement() {
-            ZipEntry entry = delegate.nextElement();
-            if (null != entry) {
-                String name = entry.getName();
-                /**
-                 * avoid ZipperDown
-                 */
-                if (null != name && (name.contains("../") || name.contains("..\\"))) {
-                    throw new SecurityException("illegal entry: " + entry.getName());
-                }
-            }
-            return entry;
-        }
-    }
-
    public void unzipToFile(ZipEntry entry, File output) throws IOException {
        InputStream inputStream = null;
        try {
@ -63,6 +29,11 @@ public class SafeZipFile extends ZipFile {
    }

    private void writeOutInputStream(File file, InputStream inputStream) throws IOException {
+        // https://support.google.com/faqs/answer/9294009
+        String canonicalPath = file.getCanonicalPath();
+        if (!canonicalPath.startsWith(UpdateContext.getRootDir())) {
+            throw new SecurityException("illegal entry: " + file.getName());
+        }
        BufferedOutputStream output = null;
        try {
            output = new BufferedOutputStream(
--- a/android/src/main/java/cn/reactnative/modules/update/UpdateContext.java
+++ b/android/src/main/java/cn/reactnative/modules/update/UpdateContext.java
@ -19,13 +19,14 @@ import java.io.File;

 public class UpdateContext {
    private Context context;
-    private File rootDir;
+    private static File rootDir;
    private Executor executor;

    public static boolean DEBUG = false;
    private static ReactInstanceManager mReactInstanceManager;
    private static boolean isUsingBundleUrl = false;

+
    public UpdateContext(Context context) {
        this.context = context;
        this.executor = Executors.newSingleThreadExecutor();
@ -49,7 +50,7 @@ public class UpdateContext {
        }
    }

-    public String getRootDir() {
+    public static String getRootDir() {
        return rootDir.toString();
    }