fix(restore): validate database file names in zip archive

Check that database entries in the zip have a .json suffix and a
non-empty base name before slicing the extension off. This prevents
a panic from index-out-of-range when the filename is too short.
Also use TrimPrefix instead of ReplaceAll for correctness.
kolaente 2026-02-24 20:07:48 +01:00
parent 7971500467
commit 3c0ea7099e
1 changed files with 5 additions and 2 deletions


@ -81,7 +81,10 @@ func Restore(filename string, overrideConfig bool) error {
continue
}
if strings.HasPrefix(file.Name, "database/") {
fname := strings.ReplaceAll(file.Name, "database/", "")
fname := strings.TrimPrefix(file.Name, "database/")
if !strings.HasSuffix(fname, ".json") || len(fname) <= 5 {
return fmt.Errorf("invalid database file name in zip archive: %q", file.Name)
}
dbfiles[fname[:len(fname)-5]] = file
continue
}
@ -90,7 +93,7 @@ func Restore(filename string, overrideConfig bool) error {
continue
}
if strings.HasPrefix(file.Name, "files/") {
filesFiles[strings.ReplaceAll(file.Name, "files/", "")] = file
filesFiles[strings.TrimPrefix(file.Name, "files/")] = file
continue
}
if file.Name == "VERSION" {
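Review bot: The new check in the `database/` branch only constrains the suffix and length, so a name with further path components (a constructed example: `database/a/b.json`) still passes, and the `files/` branch accepts any remainder, including the empty string for a bare `files/` directory entry. Both values come straight from the archive and become the keys of `dbfiles` and `filesFiles`; how those keys are consumed is outside these hunks, so if they are later mapped to table names or storage paths, this is the place to constrain them. Consider rejecting separators in both branches, e.g. `if fname == "" || strings.ContainsAny(fname, "/\\") { return fmt.Errorf("invalid file name in zip archive: %q", file.Name) }`. A short comment above the loop stating that entry names are untrusted input would also help the next reader. Restore begins and ends outside the hunks shown.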