ZipPathValidator
public
final
class
ZipPathValidator
extends Object
Enables validation of zip file entry paths to prevent exploitation of the path traversal
vulnerability, e.g. zip path entries containing ".." or "/". For more details, read
this.
The default implementation accepts all zip file entry paths without raising any exceptions.
For custom validation rules, the core functionality should be implemented in a Callback
interface and that instance should be set in setCallback(dalvik.system.ZipPathValidator.Callback)
.
Existing validation could be set to a default one by calling clearCallback()
.
Summary
Nested classes |
interface |
ZipPathValidator.Callback
Interface that defines the core validation mechanism when accessing zip file entry paths.
|
Public methods |
static
void
|
clearCallback()
Clears the current validation mechanism by setting the current callback instance to a default
validation.
|
static
void
|
setCallback(ZipPathValidator.Callback callback)
Sets the current callback implementation for zip paths.
|
Inherited methods |
From class
java.lang.Object
Object
|
clone()
Creates and returns a copy of this object.
|
boolean
|
equals(Object obj)
Indicates whether some other object is "equal to" this one.
|
void
|
finalize()
Called by the garbage collector on an object when garbage collection
determines that there are no more references to the object.
|
final
Class<?>
|
getClass()
Returns the runtime class of this Object .
|
int
|
hashCode()
Returns a hash code value for the object.
|
final
void
|
notify()
Wakes up a single thread that is waiting on this object's
monitor.
|
final
void
|
notifyAll()
Wakes up all threads that are waiting on this object's monitor.
|
String
|
toString()
Returns a string representation of the object.
|
final
void
|
wait(long timeoutMillis, int nanos)
Causes the current thread to wait until it is awakened, typically
by being notified or interrupted, or until a
certain amount of real time has elapsed.
|
final
void
|
wait(long timeoutMillis)
Causes the current thread to wait until it is awakened, typically
by being notified or interrupted, or until a
certain amount of real time has elapsed.
|
final
void
|
wait()
Causes the current thread to wait until it is awakened, typically
by being notified or interrupted.
|
|
Public methods
clearCallback
public static void clearCallback ()
Clears the current validation mechanism by setting the current callback instance to a default
validation.
setCallback
public static void setCallback (ZipPathValidator.Callback callback)
Sets the current callback implementation for zip paths.
The provided callback should not perform IO or any blocking operations, but only perform path
validation. A typical implementation will validate String entries in a single pass and throw
a ZipException
if the path contains potentially hazardous components such as "..".
Parameters |
callback |
ZipPathValidator.Callback : An instance of Callback 's implementation.
This value cannot be null . |
Content and code samples on this page are subject to the licenses described in the Content License. Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
Last updated 2024-04-11 UTC.
[{
"type": "thumb-down",
"id": "missingTheInformationINeed",
"label":"Missing the information I need"
},{
"type": "thumb-down",
"id": "tooComplicatedTooManySteps",
"label":"Too complicated / too many steps"
},{
"type": "thumb-down",
"id": "outOfDate",
"label":"Out of date"
},{
"type": "thumb-down",
"id": "samplesCodeIssue",
"label":"Samples / code issue"
},{
"type": "thumb-down",
"id": "otherDown",
"label":"Other"
}]
[{
"type": "thumb-up",
"id": "easyToUnderstand",
"label":"Easy to understand"
},{
"type": "thumb-up",
"id": "solvedMyProblem",
"label":"Solved my problem"
},{
"type": "thumb-up",
"id": "otherUp",
"label":"Other"
}]
{"lastModified": "Last updated 2024-04-11 UTC."}
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-04-11 UTC."]]