Package org.onlab.util

Class FilePathValidator

  • public final class FilePathValidator
extends java.lang.Object
    Utilities for validation of Zip files.

    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static boolean validateFile​(java.io.File destinationFile, java.io.File destinationDir)
      Validates a File.
      static boolean validateZipEntry​(java.util.zip.ZipEntry entry, java.io.File destinationDir)
      Validates a zip entry.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • validateFile

        public static boolean validateFile​(java.io.File destinationFile,
                                   java.io.File destinationDir)
        Validates a File. Checks that the file being created does not lie outside the target directory.
        Parameters:
        destinationFile - file to check
        destinationDir - target directory
        Returns:
        true if the Entry resolves to a file inside the target directory; false otherwise

      • validateZipEntry

        public static boolean validateZipEntry​(java.util.zip.ZipEntry entry,
                                       java.io.File destinationDir)
        Validates a zip entry. Checks that the file being created does not lie outside the target directory. See https://snyk.io/research/zip-slip-vulnerability for more information.
        Parameters:
        entry - ZipEntry to check
        destinationDir - target directory
        Returns:
        true if the Entry resolves to a file inside the target directory; false otherwise