ToxicMushroom/Dalamud
1
0
Fork 0
mirror of https://github.com/goatcorp/Dalamud.git synced 2025-12-15 05:04:15 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: folders in plugin zips, throw if DLL can't be overwritten

Browse source
This commit is contained in:
goat 2021-08-22 17:26:16 +02:00
parent 3371fa1319
commit 3c5c7fbc80
No known key found for this signature in database
GPG key ID: F18F057873895461
1 changed files with 21 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

28
Dalamud/Plugin/Internal/PluginManager.cs
View file

@ -414,31 +414,45 @@ namespace Dalamud.Plugin.Internal
Log.Debug($"Extracting to {outputDir}"); Log.Debug($"Extracting to {outputDir}");
// This throws an error, even with overwrite=false // This throws an error, even with overwrite=false
// ZipFile.ExtractToDirectory(tempZip.FullName, outputDir.FullName, false); // ZipFile.ExtractToDirectory(tempZip.FullName, outputDir.FullName, false);
using (var archive = new ZipArchive(response.Content.ReadAsStream())) using (var archive = new ZipArchive(await response.Content.ReadAsStreamAsync()))
{ {
foreach (var zipFile in archive.Entries) foreach (var zipFile in archive.Entries)
{ {
var completeFileName = Path.GetFullPath(Path.Combine(outputDir.FullName, zipFile.FullName)); var outputFile = new FileInfo(Path.GetFullPath(Path.Combine(outputDir.FullName, zipFile.FullName)));
if (!completeFileName.StartsWith(outputDir.FullName, StringComparison.OrdinalIgnoreCase)) if (!outputFile.FullName.StartsWith(outputDir.FullName, StringComparison.OrdinalIgnoreCase))
{ {
throw new IOException("Trying to extract file outside of destination directory. See this link for more info: https://snyk.io/research/zip-slip-vulnerability"); throw new IOException("Trying to extract file outside of destination directory. See this link for more info: https://snyk.io/research/zip-slip-vulnerability");
} }
if (zipFile.Name == string.Empty) if (outputFile.Directory == null)
{ {
throw new IOException("Output directory invalid.");
}
if (zipFile.Name.IsNullOrEmpty())
{
Log.Error("zipFile.Name is null or empty");
// Assuming Empty for Directory // Assuming Empty for Directory
Directory.CreateDirectory(Path.GetDirectoryName(completeFileName)); Directory.CreateDirectory(outputFile.Directory.FullName);
continue; continue;
} }
// Ensure directory is created
Directory.CreateDirectory(outputFile.Directory.FullName);
try try
{ {
zipFile.ExtractToFile(completeFileName, true); zipFile.ExtractToFile(outputFile.FullName, true);
} }
catch (Exception ex) catch (Exception ex)
{ {
Log.Information($"Could not overwrite {zipFile.Name}: {ex.Message}"); if (outputFile.Extension.EndsWith("dll"))
{
throw new IOException($"Could not overwrite {zipFile.Name}: {ex.Message}");
}
Log.Error($"Could not overwrite {zipFile.Name}: {ex.Message}");
} }
} }
} }