fix(read.go): arbitrary file access during archive extraction zipslip
https://github.com/NVIDIA/aistore/blob/102b5d92152372f976720a23668b9d7c2948778a/cmn/archive/read.go#L266-L287
To fix the issue, we need to sanitize the file paths extracted from the zip archive to prevent directory traversal attacks. Specifically, we should ensure that the f.FileHeader.Name does not contain any .. elements or other malicious patterns that could lead to writing files outside the intended directory. This can be achieved by:
- Using filepath.Clean to normalize the path.
- Verifying that the resulting path is within the intended extraction directory.
- Rejecting or skipping any entries that fail these checks.
The fix will be applied in the ReadUntil and ReadOne methods of the zipReader struct in cmn/archive/read.go.
- Good catch.
- The scope. There's not only zip, there are other archival readers, including tar. The same exact concern applies wrt directory traversals. There must be a single piece of code used by all archival readers.
- filepath.Clean is uncalled for. In fact, filepath.Clean can hide some of those path mutations and introduce false negatives. The "../" in the path is illegal - period, end of story. Secondly and separately, filepath.Clean is slow, and you don't want it in the datapath. And finally,
- We already have cmn.ValidateOname - maybe use it.
thank you for your contribution; this is now implemented differently but still - thanks a lot!
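
The design asked for in the review above (one entry-name check shared by the zip and tar readers, refusing any ".." element without calling filepath.Clean) is shown here as an added Go example; it is not aistore's code and not the implementation that was eventually merged. The names validateEntryName, checkZip, checkTar and checkBoth are hypothetical, refusing empty and absolute names is an extra assumption, and the archives are constructed in memory.

```go
package main

import (
	"archive/tar"
	"archive/zip"
	"bytes"
	"fmt"
	"io"
	"strings"
)

// validateEntryName (hypothetical): no normalization; "..", empty or absolute fails.
func validateEntryName(name string) error {
	if name == "" || name[0] == '/' || strings.Contains("/"+name+"/", "/../") {
		return fmt.Errorf("unsafe archive entry name %q", name)
	}
	return nil
}
// checkZip and checkTar stand in for the readers; both call the same check.
func checkZip(b []byte) error {
	zr, err := zip.NewReader(bytes.NewReader(b), int64(len(b)))
	for i := 0; err == nil && i < len(zr.File); i++ {
		err = validateEntryName(zr.File[i].Name)
	}
	return err
}
func checkTar(b []byte) (err error) {
	tr := tar.NewReader(bytes.NewReader(b))
	for hdr, e := tr.Next(); e != io.EOF && err == nil; hdr, e = tr.Next() {
		if err = e; err == nil { // a read error also ends the loop
			err = validateEntryName(hdr.Name)
		}
	}
	return err
}
// checkBoth packs constructed names into in-memory archives and checks each.
func checkBoth(names ...string) (zipErr, tarErr error) {
	var zb, tb bytes.Buffer
	zw, tw := zip.NewWriter(&zb), tar.NewWriter(&tb)
	for _, n := range names {
		zw.Create(n) // empty entry; only the name matters here
		tw.WriteHeader(&tar.Header{Name: n, Mode: 0o644})
	}
	zw.Close()
	tw.Close()
	return checkZip(zb.Bytes()), checkTar(tb.Bytes())
}
func main() {
	fmt.Println(checkBoth("a/b.txt", "a/../b.txt")) // constructed names
}
```

The second constructed name, a/../b.txt, would normalize to b.txt and stay inside the extraction directory, yet both readers refuse it because the raw name is checked.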