JDK-4514340 : java.io.File.getCanonicalPath transforms "..." to ".." (win32)
  • Type: Bug
  • Component: core-libs
  • Sub-Component: java.io
  • Affected Version: 1.4.0
  • Priority: P4
  • Status: Closed
  • Resolution: Fixed
  • OS: windows_2000
  • CPU: x86
  • Submitted: 2001-10-12
  • Updated: 2013-08-08
  • Resolved: 2002-02-08
Other
1.4.1 hopper: Fixed
Description

Name: yyT116575			Date: 10/12/2001


java version "1.4.0-beta2"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0-beta2-b76)
Java HotSpot(TM) Client VM (build 1.4.0-beta2-b76, mixed mode)


The method File.getCanonicalPath sometimes leaves updir (..) patterns
in paths for illegal input paths. For example, the path "a\...\...\b", when
canonicalized becomes "C:\a\..\..\b".
 
Since the path is illegal, the transformation of the "..." sequences to ".."
allows parent directories to be traversed. The getCanonicalPath method
can be used to do file security checks, without a SecurityManager. With 
this defect, security can be compromised.

import java.io.File;

// Prints the canonical form of the path given as the first argument.
public class CanonicalTest {
  public static void main(String[] args) throws Exception {
    System.out.println(new File(args[0]).getCanonicalPath());
  }
}

C:\>java CanonicalTest a\...\...\b
C:\a\..\..\b
(Review ID: 133660) 
======================================================================

Comments
CONVERTED DATA
BugTraq+ Release Management Values
COMMIT TO FIX: hopper
FIXED IN: hopper
INTEGRATED IN: hopper
VERIFIED IN: hopper
14-06-2004

PUBLIC COMMENTS Now we reject invalid paths. ###@###.### 2001-10-18
18-10-2001

EVALUATION The Windows function which we use for canonicalization is buggy, and fails for paths containing consecutive dots. We need to check for this and return an error for such paths. ###@###.### 2001-10-17
17-10-2001
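
Added example, not part of the bug report or the JDK source: a containment check that does not depend on getCanonicalPath alone, for code that uses canonical paths as a file security check as the description mentions. The class name SafeResolve, the method resolveUnder, the base directory "uploads" and the sample inputs are assumptions made for illustration.

```java
import java.io.File;
import java.io.IOException;

public class SafeResolve {
    // Resolve userPath below baseDir, or throw if it could leave baseDir.
    static File resolveUnder(File baseDir, String userPath) throws IOException {
        // 1. Reject dot-only segments ("..", "...", "....") before the platform
        //    canonicalizer sees them. Both separators are split on, so the
        //    check is the same on every OS (a conservative policy choice).
        for (String seg : userPath.split("[/\\\\]+")) {
            if (seg.matches("\\.{2,}")) {
                throw new IOException("dot-only segment rejected: " + seg);
            }
        }
        File base = baseDir.getCanonicalFile();
        File target = new File(base, userPath).getCanonicalFile();

        // 2. A canonical path must not contain ".." at all. If it does, the
        //    canonicalizer misbehaved (the symptom reported in this bug).
        for (String seg : target.getPath().split("[/\\\\]+")) {
            if (seg.equals("..")) {
                throw new IOException("canonical path still contains '..'");
            }
        }
        // 3. Compare whole path components, not string prefixes, so that
        //    "uploads-old" is not mistaken for a child of "uploads".
        if (!target.toPath().startsWith(base.toPath())) {
            throw new IOException("path escapes base directory");
        }
        return target;
    }

    public static void main(String[] args) {
        File base = new File("uploads");   // hypothetical base directory
        // Constructed sample inputs; the second is the path from the report.
        String[] samples = { "reports/q1.txt", "a\\...\\...\\b", "../secret.txt" };
        for (String s : samples) {
            try {
                System.out.println("accepted: " + resolveUnder(base, s));
            } catch (IOException e) {
                System.out.println("rejected: " + s + " (" + e.getMessage() + ")");
            }
        }
    }
}
```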