[
https://issues.apache.org/jira/browse/CAMEL-23868?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrea Cosentino updated CAMEL-23868:
-------------------------------------
Fix Version/s: 4.22.0
4.18.4
> camel-file: make local work directory / starting directory containment checks
> path-boundary aware
> -------------------------------------------------------------------------------------------------
>
> Key: CAMEL-23868
> URL: https://issues.apache.org/jira/browse/CAMEL-23868
> Project: Camel
> Issue Type: Improvement
> Components: camel-file
> Affects Versions: 4.21.0
> Reporter: Andrea Cosentino
> Assignee: Andrea Cosentino
> Priority: Major
> Fix For: 4.18.4, 4.22.0
>
>
> The containment checks that keep a resolved file path inside a configured
> directory use a bare string prefix test:
> - GenericFileHelper.jailToLocalWorkDirectory (introduced under CAMEL-23765)
> checks compactTarget.startsWith(compactWork).
> - GenericFileProducer.jailedCheck uses the same
> compactAnswer.startsWith(compactBaseDir) shape.
> A bare startsWith does not respect path-segment boundaries. When the
> compacted directory string has no trailing separator, a sibling directory
> whose name merely extends the configured directory's name (e.g. .../localwork
> vs .../localworkEVIL) still satisfies the prefix test even though it is a
> different directory. In jailToLocalWorkDirectory the work directory comes
> from File.getPath() (no trailing separator), so this edge is reachable;
> jailedCheck currently avoids it only incidentally, because baseDir is always
> normalized with a trailing separator.
> Make both checks path-boundary aware so containment no longer depends on the
> incidental presence of a trailing separator:
> {code:java}
> boolean contained = compactTarget.equals(compactWork)
> || compactTarget.startsWith(compactWork + File.separator);
> {code}
> Files:
> -
> components/camel-file/src/main/java/org/apache/camel/component/file/GenericFileHelper.java
> -- jailToLocalWorkDirectory
> -
> components/camel-file/src/main/java/org/apache/camel/component/file/GenericFileProducer.java
> -- jailedCheck
> Add a GenericFileHelperTest case for a name-prefixed sibling (e.g.
> ../localworkEVIL/file.txt), which the existing ../-only tests do not exercise.
> This continues the containment work introduced in CAMEL-23765.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)