Merge pull request #46 from microbit-foundation/install-samples

Fix zip path traversal error and update to v3.0.6 (56)

Author: martinwork

app/src/main/AndroidManifest.xml

@@ -15,8 +15,8 @@
 -->
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
     xmlns:tools="http://schemas.android.com/tools"
-    android:versionCode="55"
-    android:versionName="3.0.5">
+    android:versionCode="56"
+    android:versionName="3.0.6">
 
     <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
     <uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>

app/src/main/java/com/samsung/microbit/utils/ProjectsHelper.java

@@ -205,13 +205,18 @@ public static boolean installSamples( Context context) {
             while((ze = zin.getNextEntry()) != null) {
                 Log.v("MicroBit", "Unzipping " + ze.getName());
 
+                File f = projectFile(context, ze.getName());
+                if (!f.getCanonicalPath().startsWith(projectRoot(context).getCanonicalPath())) {
+                    // Skip file with unexpected directory
+                    continue;
+                }
+
                 if (ze.isDirectory()) {
-                    File f = projectFile( context, ze.getName());
                     if ( !f.isDirectory()) {
                         f.mkdirs();
                     }
                 } else {
-                    FileOutputStream fout = new FileOutputStream( projectFile( context, ze.getName()));
+                    FileOutputStream fout = new FileOutputStream(f);
                     BufferedOutputStream bufout = new BufferedOutputStream(fout);
                     byte[] buffer = new byte[1024];
                     int read = 0;