[TIKA-3942] Improve naming for embedded file structure paths - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.7.0
Component/s: None
Labels:
None

Description

We currently rely on data in the container file or in the contained file for the internal path of an embedded file, e.g. /zip1.zip/zip2.zip/zip3.zip/something.txt

As a general rule, we should not trust user input, er files. I don't see any areas for malicious effects, but I can image a combination of events that could lead to path collisions.

Attachments

Issue Links

links to

GitHub Pull Request #834

Activity

People

Assignee:: Unassigned

Reporter:: Tim Allison

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 02/Dec/22 18:49

Updated:: 06/Feb/23 16:32

Resolved:: 02/Dec/22 22:02