Code Review / ccsdk / sli.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 136a85c) | patch
Fix zip slip vulnerability (CCSDK-3376) 25/122725/2
authorJonathan Platt <jonathan.platt@att.com>
Mon, 19 Jul 2021 16:20:41 +0000 (12:20 -0400)
committerJonathan Platt <jonathan.platt@att.com>
Tue, 20 Jul 2021 12:19:19 +0000 (08:19 -0400)
commit1cffa0923a4fcb46b1aceb7f9b50356c8c729891
treedd7e094bd257bf22e1d37aa31b9e3ee9fed9acc3tree | snapshot
parent136a85c040adc383bf63342f5e59d5632ecb5dd1commit | diff
Fix zip slip vulnerability (CCSDK-3376)

Check and enforce canonical destination path of new file to resolve zip
slip vulnerability in 'DaeximOffsiteBackupProvider.java'

Issue-ID: CCSDK-3376
Signed-off-by: Jonathan Platt <jonathan.platt@att.com>
Change-Id: I249752d7a8bb1a8075502b5130f94c32986ab8ee
northbound/daexim-offsite-backup/provider/src/main/java/org/onap/ccsdk/sli/northbound/daeximoffsitebackup/DaeximOffsiteBackupProvider.java diff | blob | history
Contains code for Service Logic Interpreter (SLI)