Commit 0efda30c authored by Andreas Fernandez, committed by Oliver Hader

[SECURITY] Avoid directory traversal on archive extraction

The Extension Manager and Language Pack Manager receive Zip archives as
input from foreign sources and extract them on the disk. However, the
previous approach is considered insecure as the target directory is not
checked per file and directory traversal was possible.

This patch adds a new service class that handles the extraction of Zip
archives via PHP's internal ZipArchive class, which can handle such
cases on its own.

Resolves: #88764
Releases: master, 9.5, 8.7
Security-Commit: a02f19c73211a5f1c0286ab44bee27da9b73f026
Security-Bulletin: TYPO3-CORE-SA-2019-024
Change-Id: I701a577f54410344867b868409a38cc44339f976
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62718


Tested-by: Oliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
parent 51bbb971
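
An added example, not taken from this commit or from TYPO3's code: a per-entry check that rejects archive entry names containing `..` segments or absolute paths before anything is written, then extracts with `ZipArchive::extractTo()`. The function names `extractZipSafely` and `isSafeEntryName` and the sample entry names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Illustrative only: validate every entry name before extraction so that
// no file can be written outside $targetDir.
function extractZipSafely(string $zipFile, string $targetDir): void
{
    $zip = new ZipArchive();
    if ($zip->open($zipFile) !== true) {
        throw new RuntimeException('Cannot open archive: ' . $zipFile);
    }
    try {
        // First pass: refuse the whole archive if any entry name is unsafe.
        for ($i = 0; $i < $zip->numFiles; $i++) {
            $name = $zip->getNameIndex($i);
            if ($name === false || !isSafeEntryName($name)) {
                throw new RuntimeException('Unsafe entry at index ' . $i);
            }
        }
        // Second pass: extract only after all names have been accepted.
        if (!$zip->extractTo($targetDir)) {
            throw new RuntimeException('Extraction failed');
        }
    } finally {
        $zip->close();
    }
}

function isSafeEntryName(string $name): bool
{
    // Normalise separators so "..\" is treated like "../".
    $normalized = str_replace('\\', '/', $name);
    if ($normalized === '' || strpos($normalized, "\0") !== false) {
        return false;
    }
    // Reject absolute paths such as "/etc/..." or "C:/...".
    if ($normalized[0] === '/' || preg_match('#^[A-Za-z]:#', $normalized) === 1) {
        return false;
    }
    // Reject any ".." path segment anywhere in the name.
    return !in_array('..', explode('/', $normalized), true);
}

// Constructed sample entry names, checked without touching the disk.
foreach (['ext/Classes/Foo.php', '../../index.php', '/etc/passwd', 'a/..\\..\\b'] as $n) {
    printf("%-22s %s\n", $n, isSafeEntryName($n) ? 'ok' : 'rejected');
}
```

Rejecting the whole archive on the first unsafe name, rather than skipping that entry, avoids leaving a partially extracted extension or language pack on disk.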