GP-6714 fix path creation in SameDirDebugInfoProvider

2026-04-25 17:25:17 +02:00 · 2026-04-17 16:05:50 +00:00
parent 5a209ba931
commit eca163cca0
1 changed files with 10 additions and 2 deletions
--- a/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/dwarf/external/SameDirDebugInfoProvider.java
+++ b/Ghidra/Features/Base/src/main/java/ghidra/app/util/bin/format/dwarf/external/SameDirDebugInfoProvider.java
@@ -94,7 +94,7 @@ public class SameDirDebugInfoProvider implements DebugFileProvider {
 		if (debugInfo.hasDebugLink()) {
 			// This differs from the LocalDirDebugLinkProvider in that it does NOT recursively search
 			// for the file
-			File debugFile = new File(progDir, debugInfo.getFilename());
+			File debugFile = ensureSafeFilename(debugInfo.getFilename());
 			if (debugFile.isFile()) {
 				int fileCRC = LocalDirDebugLinkProvider.calcCRC(debugFile);
 				if (fileCRC == debugInfo.getCrc()) {
@@ -109,7 +109,7 @@ public class SameDirDebugInfoProvider implements DebugFileProvider {
 		if (debugInfo.hasBuildId()) {
 			// this probe is a w.a.g for what people might do when co-locating a build-id debug
 			// file with the original binary
-			File debugFile = new File(progDir, debugInfo.getBuildId() + ".debug");
+			File debugFile = ensureSafeFilename(debugInfo.getBuildId() + ".debug");
 			if (debugFile.isFile()) {
 				return debugFile;
 			}
@@ -118,4 +118,12 @@ public class SameDirDebugInfoProvider implements DebugFileProvider {
 		return null;
 	}

+	private File ensureSafeFilename(String filename) throws IOException {
+		File testFile = new File(progDir, filename);
+		if (!progDir.equals(testFile.getParentFile())) {
+			throw new IOException("Unsupported path specified in debug file: " + filename);
+		}
+		return testFile;
+	}
+
 }