From ec07133ad03d5bf2f1e4ff36a9e6cb6ef440147f Mon Sep 17 00:00:00 2001
From: Jeremy Landis
Date: Wed, 25 Sep 2024 20:02:45 -0400
Subject: [PATCH] Fix code scanning alert no. 7: Arbitrary file access during archive extraction ("Zip Slip")

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 src/main/java/org/apache/ibatis/io/DefaultVFS.java | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/main/java/org/apache/ibatis/io/DefaultVFS.java b/src/main/java/org/apache/ibatis/io/DefaultVFS.java
index 9fa5da4e1b2..f0f93dfad62 100644
--- a/src/main/java/org/apache/ibatis/io/DefaultVFS.java
+++ b/src/main/java/org/apache/ibatis/io/DefaultVFS.java
@@ -79,10 +79,15 @@ public List list(URL url, String path) throws IOException {
 if (log.isDebugEnabled()) {
 log.debug("Listing " + url);
 }
+File destinationDir = new File(path);
 for (JarEntry entry; (entry = jarInput.getNextJarEntry()) != null;) {
 if (log.isDebugEnabled()) {
 log.debug("Jar entry: " + entry.getName());
 }
+File entryFile = new File(destinationDir, entry.getName()).getCanonicalFile();
+if (!entryFile.getPath().startsWith(destinationDir.getCanonicalPath())) {
+throw new IOException("Bad zip entry: " + entry.getName());
+}
 children.add(entry.getName());
 }
 }
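Review bot: The new guard compares canonical filesystem paths, but in the visible part of `list` the loop only collects `entry.getName()` into `children` and never writes an entry to disk, so `new File(path)` resolves the classpath prefix `path` against the working directory rather than an extraction target; the added `getCanonicalFile()`/`getCanonicalPath()` calls perform filesystem I/O once per jar entry, and any entry name containing `..` now aborts the entire listing with `IOException` instead of being skipped. If the intent is to refuse traversal-shaped entry names, a string check needs no I/O: `if (entry.getName().contains("..")) { throw new IOException("Bad zip entry: " + entry.getName()); }` — and if `path` is trusted, a one-line comment explaining why the scanner alert does not apply to a listing-only method would serve readers better than a check that guards no write. Should the path comparison be kept, `startsWith(destinationDir.getCanonicalPath())` without a trailing `File.separator` also accepts sibling prefixes (a directory whose name merely begins with the destination's name), so the separator should be appended to the compared prefix. The enclosing `list` method begins and ends outside the hunk.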