Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

check paths in zip archive before unzipping during artifact upload #1393

Closed
jyotisingh opened this issue Jul 28, 2015 · 2 comments
Closed

check paths in zip archive before unzipping during artifact upload #1393

jyotisingh opened this issue Jul 28, 2015 · 2 comments
Milestone
Release 15.3

Comments

@jyotisingh
Copy link
Contributor

#1371
@jyotisingh jyotisingh added this to the Release 15.3 milestone Jul 28, 2015
zabil added a commit that referenced this issue Aug 3, 2015
@zabil
Merge pull request #1371 from jyotisingh/zip_utils_disallowing_files_…
15f3885 
…to_be_extracted_outside_of_target_directory

#1393 - checking paths in zip archive before unzipping
@jyotisingh jyotisingh self-assigned this Oct 5, 2015
@rajiesh
Copy link
Contributor

rajiesh commented Oct 5, 2015

When the artifact to be uploaded to Server contains directory traversal characters, the artifact upload fails but appropriate message not logged in the log file

The reason is because on identifying traversal characters the method throws "IllegalStateException" but the caller only handles "IOException" due to which the appropriate exception is not handled

jyotisingh added a commit to jyotisingh/gocd that referenced this issue Nov 5, 2015
@jyotisingh
Bug fix - gocd#1393
0ba3546
ketan added a commit that referenced this issue Nov 5, 2015
@ketan
Merge pull request #1599 from jyotisingh/1393_bug_fix
e766b54 
Bug fix - #1393
@rajiesh rajiesh mentioned this issue Nov 18, 2015
Closed
@rajiesh
Copy link
Contributor

rajiesh commented Nov 18, 2015

verified this fix on 15.3.0-2651. Exception handled as expected. However there is a retry during artifact upload failure which can be avoided in case of IllegalPathException. Have created new issue #1621 to fix the retry logic. This bug can be closed.

@zabil zabil closed this as completed Nov 19, 2015
@jyotisingh jyotisingh removed their assignment Jun 12, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Release 15.3
Development

No branches or pull requests
3 participants
@zabil @jyotisingh @rajiesh