Fix zip slip issue on Windows

HonestJim · May 24, 2021 · 1381daf · 1381daf
1 parent ac542ad
commit 1381daf
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/PathTraversalTest.java b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/PathTraversalTest.java
@@ -108,7 +108,10 @@ public void assignment4() throws IOException {
     }
 
     public void assignment5() throws IOException {
-        var webGoatDirectory = new File(System.getProperty("user.dir") + "/target/.webgoat/PathTraversal/" + getWebgoatUser());
+        var webGoatHome = System.getProperty("user.dir") + "/target/.webgoat/PathTraversal/" + getWebgoatUser();
+        webGoatHome = webGoatHome.replaceAll("^[a-zA-Z]:", ""); //Remove C: from the home directory on Windows
+
+        var webGoatDirectory = new File(webGoatHome);
         var zipFile = new File(webGoatDirectory, "upload.zip");
         try (var zos = new ZipOutputStream(new FileOutputStream(zipFile))) {
             ZipEntry e = new ZipEntry("../../../../../../../../../../" + webGoatDirectory.toString() + "/image.jpg");