
Commit 59fb479

committed
update tests
1 parent e34cc42 commit 59fb479

2 files changed

Lines changed: 60 additions & 0 deletions


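--- a/java/ql/test/experimental/query-tests/security/CWE-522-DecompressionBombs/src/main/java/com/Bombs/HelloServlet.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-522-DecompressionBombs/src/main/java/com/Bombs/HelloServlet.java
@@ -10,6 +10,8 @@
 
 import java.io.*;
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.util.zip.DataFormatException;
 import javax.servlet.ServletException;
 import javax.servlet.annotation.MultipartConfig;
 import javax.servlet.annotation.WebServlet;
@@ -36,6 +38,16 @@ public void doPost(HttpServletRequest request, HttpServletResponse response)
 ZipInputStreamUnsafe(remoteFile.getInputStream());
 GZipInputStreamUnsafe(request.getPart("zipFile").getInputStream());
 InflaterInputStreamUnsafe(request.getPart("zipFile").getInputStream());
+try {
+InflaterUnsafe(request.getParameter("data").getBytes(StandardCharsets.UTF_8));
+} catch (DataFormatException e) {
+throw new RuntimeException(e);
+}
+try {
+ZipFile1(request.getParameter("zipFileName"));
+} catch (DataFormatException e) {
+throw new RuntimeException(e);
+}
 
 // Zip4j
 zip4jZipInputStream(remoteFile.getInputStream());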
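Review bot: `request.getParameter("data")` returns null when the parameter is absent, so the `.getBytes(StandardCharsets.UTF_8)` call on new line 42 throws a NullPointerException before `InflaterUnsafe` is ever reached; a null guard, or a short comment saying the fixture is only compiled for analysis and never served, would make the intent explicit. Both new catch blocks rethrow `DataFormatException` as a bare `RuntimeException` although `ServletException` is already imported in this file; `throw new ServletException(e);` would be the conventional wrapper, assuming `doPost` declares it (its throws clause is not visible in the hunk). The second try/catch appears to exist only because `ZipFile1` declares `DataFormatException` without anything in its visible body throwing it, so fixing the signature there would let this call be a plain statement. The body of `doPost` starts and ends outside the hunk.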

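--- a/java/ql/test/experimental/query-tests/security/CWE-522-DecompressionBombs/src/main/java/com/Bombs/ZipHandler.java
+++ b/java/ql/test/experimental/query-tests/security/CWE-522-DecompressionBombs/src/main/java/com/Bombs/ZipHandler.java
@@ -2,7 +2,10 @@
 
 import java.io.*;
 import java.io.FileOutputStream;
+import java.nio.ByteBuffer;
+import java.util.Enumeration;
 import java.util.zip.*;
+import java.util.zip.ZipFile;
 
 public class ZipHandler {
 public static void ZipInputStreamSafe(InputStream inputStream) throws IOException {
@@ -127,4 +130,49 @@ public static void InflaterInputStreamUnsafe(InputStream inputStream) throws jav
 dest.close();
 }
 }
+
+public static void InflaterUnsafe(byte[] inputBytes) throws DataFormatException, IOException {
+Inflater inflater = new Inflater();
+inflater.setInput(inputBytes);
+try (final ByteArrayOutputStream outputStream = new ByteArrayOutputStream(inputBytes.length)) {
+byte[] buffer = new byte[1024];
+while (!inflater.finished()) {
+final int count = inflater.inflate(buffer);
+outputStream.write(buffer, 0, count);
+}
+outputStream.toByteArray();
+}
+}
+
+public static void ZipFile1(String zipFilePath) throws DataFormatException, IOException {
+try {
+System.out.println("zipFilePath = " + zipFilePath);
+ZipFile zipFile = new ZipFile(zipFilePath);
+Enumeration<? extends ZipEntry> entries = zipFile.entries();
+while (entries.hasMoreElements()) {
+ZipEntry entry = entries.nextElement();
+if (entry.isDirectory()) {
+System.out.print("dir : " + entry.getName());
+String destPath = "tmp" + File.separator + entry.getName();
+System.out.println(" => " + destPath);
+File file = new File(destPath);
+file.mkdirs();
+} else {
+String destPath = "tmp" + File.separator + entry.getName();
+
+try (InputStream inputStream = zipFile.getInputStream(entry);
+FileOutputStream outputStream = new FileOutputStream(destPath); ) {
+int data = inputStream.read();
+while (data != -1) {
+outputStream.write(data);
+data = inputStream.read();
+}
+}
+System.out.println("file : " + entry.getName() + " => " + destPath);
+}
+}
+} catch (IOException e) {
+throw new RuntimeException("Error unzipping file " + zipFilePath, e);
+}
+}
 }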
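Review bot: In `ZipFile1` the `ZipFile` is never closed and `entry.getName()` is concatenated into `destPath` without normalisation, so the fixture is a path-traversal (zip-slip) sink as well as the unbounded-extraction case this test directory targets. If only the decompression-bomb query is meant to fire here, open the archive with `try (ZipFile zipFile = new ZipFile(zipFilePath)) {` and add a comment stating which finding is expected on which line. The method declares `throws DataFormatException` although nothing in its body throws it, its name does not follow the `...Safe`/`...Unsafe` convention of its neighbours, and the new `java.nio.ByteBuffer` import is not used by any added line. In `InflaterUnsafe`, `inflater.end()` is never called, and the `while (!inflater.finished())` loop does not terminate on truncated input, where `inflate` returns 0 while `finished()` stays false; checking `inflater.needsInput()` in the loop and calling `end()` in a `finally` would keep the fixture well-behaved without changing the sink under test.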
