lsm/hutool
1
0
Fork 0
mirror of https://gitee.com/dromara/hutool.git synced 2025-05-04 04:37:59 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

issue #I4ZDQI

Browse Source
This commit is contained in:
Husky 2022-03-24 15:51:40 +08:00
parent 163dff00bd
commit 6216a96ff8
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
hutool-core/src/main/java/cn/hutool/core/compress/ZipReader.java
View File

@ -4,6 +4,7 @@ import cn.hutool.core.io.FileUtil;
import cn.hutool.core.io.IORuntimeException; import cn.hutool.core.io.IORuntimeException;
import cn.hutool.core.io.IoUtil; import cn.hutool.core.io.IoUtil;
import cn.hutool.core.lang.Filter; import cn.hutool.core.lang.Filter;
import cn.hutool.core.util.StrUtil;
import cn.hutool.core.util.ZipUtil; import cn.hutool.core.util.ZipUtil;
import java.io.Closeable; import java.io.Closeable;
@ -142,8 +143,10 @@ public class ZipReader implements Closeable {
public File readTo(File outFile, Filter<ZipEntry> entryFilter) throws IORuntimeException { public File readTo(File outFile, Filter<ZipEntry> entryFilter) throws IORuntimeException {
read((zipEntry) -> { read((zipEntry) -> {
if (null == entryFilter || entryFilter.accept(zipEntry)) { if (null == entryFilter || entryFilter.accept(zipEntry)) {
//gitee issue #I4ZDQI
String replace = StrUtil.replace(zipEntry.getName(), "*", "_");
// FileUtil.file会检查slip漏洞漏洞说明见http://blog.nsfocus.net/zip-slip-2/ // FileUtil.file会检查slip漏洞漏洞说明见http://blog.nsfocus.net/zip-slip-2/
final File outItemFile = FileUtil.file(outFile, zipEntry.getName()); final File outItemFile = FileUtil.file(outFile, replace);
if (zipEntry.isDirectory()) { if (zipEntry.isDirectory()) {
// 目录 // 目录
//noinspection ResultOfMethodCallIgnored //noinspection ResultOfMethodCallIgnored