Karl/BobStore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Apk.isMediaInstalled() needs to check using sanitized file names

Browse Source 
The install process automatically sanitizes filenames to avoid exploits
that put attack code in the filename.  Media files are also installed using
this logic, so the installed check needs to use sanitized file names to be
accurate.
This commit is contained in:
Hans-Christoph Steiner 2017-07-07 00:02:39 +02:00 committed by Chirayu Desai
parent c5a1b11315
commit 7dbf03c435
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/src/main/java/org/fdroid/fdroid/data/Apk.java
View File

@ -516,7 +516,7 @@ public class Apk extends ValueObject implements Comparable<Apk>, Parcelable {
}
public boolean isMediaInstalled(Context context) {
return new File(this.getMediaInstallPath(context), this.apkName).isFile();
return new File(this.getMediaInstallPath(context), SanitizedFile.sanitizeFileName(this.apkName)).isFile();
}
/**

4
app/src/test/java/org/fdroid/fdroid/data/SanitizedFileTest.java
View File

@ -37,11 +37,11 @@ public class SanitizedFileTest {
assertEquals("/tmp/blah/safe", safeSanitized.getAbsolutePath());
assertEquals("/tmp/blah/safe-and_bleh.boo", nonEvilSanitized.getAbsolutePath());
assertEquals("/tmp/blah/rmetcshadow", evilSanitized.getAbsolutePath());
assertEquals("/tmp/blah/rm etcshadow", evilSanitized.getAbsolutePath());
assertEquals("safe", safeSanitized.getName());
assertEquals("safe-and_bleh.boo", nonEvilSanitized.getName());
assertEquals("rmetcshadow", evilSanitized.getName());
assertEquals("rm etcshadow", evilSanitized.getName());
}