diff --git a/.DS_Store b/.DS_Store index eb8e5a2f7..9a8354cc6 100644 Binary files a/.DS_Store and b/.DS_Store differ diff --git a/jadx-core/src/main/java/jadx/core/codegen/CodeWriter.java b/jadx-core/src/main/java/jadx/core/codegen/CodeWriter.java index 1db7a9146..9041a5edf 100644 --- a/jadx-core/src/main/java/jadx/core/codegen/CodeWriter.java +++ b/jadx-core/src/main/java/jadx/core/codegen/CodeWriter.java @@ -3,6 +3,7 @@ package jadx.core.codegen; import jadx.api.CodePosition; import jadx.core.dex.attributes.nodes.LineAttrNode; import jadx.core.utils.files.FileUtils; +import jadx.core.utils.files.ZipSecurity; import java.io.File; import java.io.PrintWriter; @@ -272,10 +273,16 @@ public class CodeWriter { } public void save(File dir, String subDir, String fileName) { + if(!ZipSecurity.isValidZipEntryName(subDir) || !ZipSecurity.isValidZipEntryName(fileName)) { + return; + } save(dir, new File(subDir, fileName).getPath()); } public void save(File dir, String fileName) { + if(!ZipSecurity.isValidZipEntryName(fileName)) { + return; + } save(new File(dir, fileName)); } diff --git a/jadx-core/src/main/java/jadx/core/dex/visitors/SaveCode.java b/jadx-core/src/main/java/jadx/core/dex/visitors/SaveCode.java index 9cabcb3ae..ec40de3c0 100644 --- a/jadx-core/src/main/java/jadx/core/dex/visitors/SaveCode.java +++ b/jadx-core/src/main/java/jadx/core/dex/visitors/SaveCode.java @@ -4,6 +4,7 @@ import jadx.api.IJadxArgs; import jadx.core.codegen.CodeWriter; import jadx.core.dex.nodes.ClassNode; import jadx.core.utils.exceptions.CodegenException; +import jadx.core.utils.files.ZipSecurity; import java.io.File; @@ -25,7 +26,7 @@ public class SaveCode extends AbstractVisitor { public static void save(File dir, IJadxArgs args, ClassNode cls) { CodeWriter clsCode = cls.getCode(); String fileName = cls.getClassInfo().getFullPath() + ".java"; - if (args.isFallbackMode()) { + if (args.isFallbackMode()) { fileName += ".jadx"; } clsCode.save(dir, fileName); diff --git a/jadx-core/src/main/java/jadx/core/utils/files/ZipSecurity.java b/jadx-core/src/main/java/jadx/core/utils/files/ZipSecurity.java index 8f9f8c257..b5bc23c93 100644 --- a/jadx-core/src/main/java/jadx/core/utils/files/ZipSecurity.java +++ b/jadx-core/src/main/java/jadx/core/utils/files/ZipSecurity.java @@ -10,7 +10,7 @@ public class ZipSecurity { private static final Logger LOG = LoggerFactory.getLogger(ZipSecurity.class); // size of uncompressed zip entry shouldn't be bigger of compressed in MAX_SIZE_DIFF times - private static final int MAX_SIZE_DIFF = 5; + private static final int MAX_SIZE_DIFF = 10; private static boolean isInSubDirectory(File base, File file) { if (file == null) { @@ -32,11 +32,11 @@ public class ZipSecurity { if(isInSubDirectory(currentPath, canonical)) { return true; } - LOG.debug("Path traversal attack detected, invalid name: {}", entryName); + LOG.error("Path traversal attack detected, invalid name: {}", entryName); return false; } catch(Exception e) { - LOG.debug("Path traversal attack detected, invalid name: {}", entryName); + LOG.error("Path traversal attack detected, invalid name: {}", entryName); return false; } } @@ -48,7 +48,8 @@ public class ZipSecurity { return true; } if(compressedSize * MAX_SIZE_DIFF < uncompressedSize) { - LOG.debug("Zip bomp attack detected, invalid sizes: compressed {}, uncompressed {}", compressedSize, uncompressedSize); + LOG.error("Zip bomp attack detected, invalid sizes: compressed {}, uncompressed {}, name {}", + compressedSize, uncompressedSize, entry.getName()); return true; } return false;