Add code to check if the untarred file will be put outside of the tar…

…get output directory (#2835)
apache · May 22, 2018 · 07b0508 · 07b0508
1 parent 6a1666d
commit 07b0508
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/pinot-common/src/main/java/com/linkedin/pinot/common/utils/TarGzCompressionUtils.java b/pinot-common/src/main/java/com/linkedin/pinot/common/utils/TarGzCompressionUtils.java
@@ -171,7 +171,8 @@ private static void addFileToTarGz(TarArchiveOutputStream tOut, String path, Str
   public static List<File> unTar(final File inputFile, final File outputDir) throws FileNotFoundException, IOException,
       ArchiveException {
 
-    LOGGER.debug(String.format("Untaring %s to dir %s.", inputFile.getAbsolutePath(), outputDir.getAbsolutePath()));
+    String outputDirectoryPath = outputDir.getCanonicalPath();
+    LOGGER.debug(String.format("Untaring %s to dir %s.", inputFile.getAbsolutePath(), outputDirectoryPath));
     TarArchiveInputStream debInputStream = null;
     InputStream is = null;
     final List<File> untaredFiles = new LinkedList<File>();
@@ -181,6 +182,10 @@ public static List<File> unTar(final File inputFile, final File outputDir) throw
       TarArchiveEntry entry = null;
       while ((entry = (TarArchiveEntry) debInputStream.getNextEntry()) != null) {
         final File outputFile = new File(outputDir, entry.getName());
+        // Check whether the untarred file will be put outside of the target output directory.
+        if (!outputFile.getCanonicalPath().startsWith(outputDirectoryPath)) {
+          throw new IOException("Tar file must not be untarred outside of the target output directory!");
+        }
         if (entry.isDirectory()) {
           LOGGER.debug(String.format("Attempting to write output directory %s.", outputFile.getAbsolutePath()));
           if (!outputFile.exists()) {