Introduced protections against "zip slip" attacks

pixeebot[bot] 2025-05-19 00:49:12 +00:00 committed by GitHub
parent 0ea58acaa2
commit 605782380a


@ -1,5 +1,6 @@
package stirling.software.SPDF.utils; package stirling.software.SPDF.utils;
import io.github.pixee.security.ZipSecurity;
import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertTrue; import static org.junit.jupiter.api.Assertions.assertTrue;
@ -213,7 +214,7 @@ class PDFToFileTest {
// Verify the content by unzipping it // Verify the content by unzipping it
try (ZipInputStream zipStream = try (ZipInputStream zipStream =
new ZipInputStream(new java.io.ByteArrayInputStream(response.getBody()))) { ZipSecurity.createHardenedInputStream(new java.io.ByteArrayInputStream(response.getBody()))) {
ZipEntry entry; ZipEntry entry;
boolean foundMdFiles = false; boolean foundMdFiles = false;
boolean foundImage = false; boolean foundImage = false;
@ -285,7 +286,7 @@ class PDFToFileTest {
// Verify the content by unzipping it // Verify the content by unzipping it
try (ZipInputStream zipStream = try (ZipInputStream zipStream =
new ZipInputStream(new java.io.ByteArrayInputStream(response.getBody()))) { ZipSecurity.createHardenedInputStream(new java.io.ByteArrayInputStream(response.getBody()))) {
ZipEntry entry; ZipEntry entry;
boolean foundMainHtml = false; boolean foundMainHtml = false;
boolean foundIndexHtml = false; boolean foundIndexHtml = false;
@ -436,7 +437,7 @@ class PDFToFileTest {
// Verify the content by unzipping it // Verify the content by unzipping it
try (ZipInputStream zipStream = try (ZipInputStream zipStream =
new ZipInputStream(new java.io.ByteArrayInputStream(response.getBody()))) { ZipSecurity.createHardenedInputStream(new java.io.ByteArrayInputStream(response.getBody()))) {
ZipEntry entry; ZipEntry entry;
boolean foundMainFile = false; boolean foundMainFile = false;
boolean foundMediaFiles = false; boolean foundMediaFiles = false;
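Review bot: All three `ZipSecurity.createHardenedInputStream(...)` call sites in `PDFToFileTest` wrap bytes the test took from `response.getBody()`, and the visible lines only declare `found…` flags, so the protection likely guards nothing that writes to disk. The entry loops continue outside the hunks; if they only inspect entry names, as the flags suggest, zip slip has no extraction path to reach here. The code that actually unpacks untrusted archives is where the hardened stream belongs. The new `import io.github.pixee.security.ZipSecurity;` also makes the test sources depend on that library, and no build-file change is visible on this page, so confirm the dependency is declared (test scope is sufficient) or the class will not compile. If the hardened stream is kept, a short comment at each site such as `// Hardened stream throws on traversal-style entry names; this test only reads names and writes nothing.` would tell the next reader why a test needs it.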