Fix #315 and resolve relative path vulnerability

simonoff · simonoff · commit ce4208fdecc2 · 2017-02-08T13:43:14.000+02:00
diff --git a/lib/zip/entry.rb b/lib/zip/entry.rb
@@ -150,6 +150,11 @@ def next_header_offset #:nodoc:all
 def extract(dest_path = @name, &block)
 block ||= proc{::Zip.on_exists_proc }
 
+ if @name.squeeze('/') =~ /\.{2}(?:\/|\z)/
+ puts "WARNING: skipped \"../\" path component(s) in #{@name}"
+ return self
+ end
+
 if directory? || file? || symlink?
 __send__("create_#{@ftype}", dest_path, &block)
 else

-Original file line number
+Diff line change
 defextract(dest_path=@name, &block)
 block ||= proc{ ::Zip.on_exists_proc}
 +if@name.squeeze('/') =~ /\.{2}(?:\/|\z)/
 +puts"WARNING: skipped \"../\" path component(s) in #{@name}"
 +returnself
 +end
++
 ifdirectory? || file? || symlink?
 __send__("create_#{@ftype}",dest_path, &block)
 else