Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve workflow package #802

Merged
merged 21 commits into from
Dec 13, 2023
Merged

Improve workflow package #802

merged 21 commits into from
Dec 13, 2023

Conversation

bchapuis
Copy link
Member

No description provided.

@bchapuis bchapuis changed the title Workflow Improve workflow package Nov 13, 2023
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 13, 2023
View reviewed changes
baremaps-core/src/main/java/org/apache/baremaps/workflow/tasks/DecompressFile.java
var gzipInputStream = new GZIPInputStream(bufferedInputStream);
var tarInputStream = new TarArchiveInputStream(gzipInputStream)) {
TarArchiveEntry entry;
while ((entry = (TarArchiveEntry) tarInputStream.getNextEntry()) != null) {
var path = targetPath.resolve(entry.getName());
var path = target.resolve(entry.getName());

Check failure

Code scanning / CodeQL

Arbitrary file access during archive extraction ("Zip Slip") High

Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a file system operation.
baremaps-core/src/main/java/org/apache/baremaps/workflow/tasks/DecompressFile.java
var bzip2InputStream = new BZip2CompressorInputStream(bufferedInputStream);
var tarInputStream = new TarArchiveInputStream(bzip2InputStream)) {
TarArchiveEntry entry;
while ((entry = (TarArchiveEntry) tarInputStream.getNextEntry()) != null) {
var path = targetPath.resolve(entry.getName());
var path = target.resolve(entry.getName());

Check failure

Code scanning / CodeQL

Arbitrary file access during archive extraction ("Zip Slip") High

Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a file system operation.
baremaps-core/src/main/java/org/apache/baremaps/workflow/tasks/DecompressFile.java
var entries = zipFile.entries();
while (entries.hasMoreElements()) {
var entry = entries.nextElement();
var path = targetPath.resolve(entry.getName());
var path = target.resolve(entry.getName());

Check failure

Code scanning / CodeQL

Arbitrary file access during archive extraction ("Zip Slip") High

Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
Unsanitized archive entry, which may contain '..', is used in a
file system operation
Loading
.
baremaps-core/src/main/java/org/apache/baremaps/workflow/tasks/DecompressFile.java Fixed Show fixed Hide fixed
@bchapuis bchapuis force-pushed the workflow branch 2 times, most recently from df4fa4a to e819844 Compare November 17, 2023 13:06
@bchapuis bchapuis marked this pull request as ready for review December 9, 2023 23:49
@bchapuis bchapuis force-pushed the main branch 2 times, most recently from 7e6528a to 0dd52e9 Compare December 11, 2023 13:16
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 12, 2023
View reviewed changes
baremaps-core/src/main/java/org/apache/baremaps/workflow/WorkflowContext.java
}
}

public DataMap<Long, List<Long>> getReferenceMap(Path path) throws IOException {

Check notice

Code scanning / CodeQL

Useless parameter Note

The parameter 'path' is never used.
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions

1 Security Hotspot

See analysis details on SonarCloud

@bchapuis bchapuis merged commit 7b97e5d into main Dec 13, 2023
7 of 9 checks passed
@bchapuis bchapuis deleted the workflow branch November 19, 2024 19:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@bchapuis