reef-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Byung-Gon Chun (JIRA)" <j...@apache.org>
Subject [jira] [Created] (REEF-2019) Enforce uncompressed files are within the current working directory in EvaluatorShim
Date Fri, 18 May 2018 06:26:00 GMT
Byung-Gon Chun created REEF-2019:
------------------------------------

             Summary: Enforce uncompressed files are within the current working directory
in EvaluatorShim
                 Key: REEF-2019
                 URL: https://issues.apache.org/jira/browse/REEF-2019
             Project: REEF
          Issue Type: Bug
          Components: REEF-Runtime-AZBatch
            Reporter: Byung-Gon Chun


When compressed files are uncompressed, the files can be created outside the current working
directory in EvaluatorShim (L295). 

[https://github.com/apache/reef/blob/561a336f2f0dda8f4a67a96179750a76167b038f/lang/java/reef-runtime-azbatch/src/main/java/org/apache/reef/runtime/azbatch/evaluator/EvaluatorShim.java#L295

]

We will enforce that uncompressed files in EvaluatorShim are within the current working directory.
If not, an exception will be raised.

[~markus.weimer] suggested the following fix.

final Path reefPath = this.reefFileNames.getREEFFolder().toPath();
...
final Path destination = new File(this.reefFileNames.getREEFFolder(),
zipEntry.getName()).toPath();
if(!destination.startsWith(reefPath)){
  throw new IOException("Trying to unzip a file outside of the
destination folder: " + destination);
}
Files.copy(inputStream, destination);

Assigning this issue to [~gyewonlee].



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message