Magic-Mirror/Apktool
1
0
Fork 0
mirror of https://github.com/iBotPeaches/Apktool.git synced 2024-11-23 12:39:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
d348c43b24
Apktool/brut.j.util
History
Connor Tumbleson d348c43b24
Prevent arbitrary file writes with malicious resource names. (#3484) 
* refactor: rename sanitize function

* fix: expose getDir

* fix: safe handling of untrusted resource names

 - fixes: GHSA-2hqv-2xv4-5h5w

* test: sample file for GHSA-2hqv-2xv4-5h5w

* refactor: avoid detection of absolute files for resource check

* chore: enable info mode on gradle

* test: skip test on windows

* chore: debug windows handling

* fix: normalize entry with file separators

* fix: normalize filepath after cleansing

* chore: Android paths are not OS specific

* refactor: use java.nio for path traversal checking

* chore: align path separator on Windows for Zip files

* chore: rework towards basic directory traversal

* chore: remove '--info' on build.yml
2024-01-02 06:11:03 -05:00
..
src/main/java/brut/util Prevent arbitrary file writes with malicious resource names. (#3484) 2024-01-02 06:11:03 -05:00
build.gradle.kts build: migrate towards "libs.versions.toml" (#3353) 2023-10-01 06:08:47 -04:00