fix: improve logging messages for zip security errors (#750)(PR #1698)

Logging error messages on invalid file-names or path traversal attacks improved

fix: improve logging messages for zip security errors (#750)(PR #1698)
Logging error messages on invalid file-names or path traversal attacks improved
8a45602a · Jan S · GitHub · 711419a7 · 8a45602a · 8a45602a
2 changed file
--- a/jadx-core/src/main/java/jadx/core/xmlgen/ResourcesSaver.java
+++ b/jadx-core/src/main/java/jadx/core/xmlgen/ResourcesSaver.java
@@ -49,7 +49,7 @@ public class ResourcesSaver implements Runnable {
 	private void save(ResContainer rc, File outDir) {
 		File outFile = new File(outDir, rc.getFileName());
 		if (!ZipSecurity.isInSubDirectory(outDir, outFile)) {
-			LOG.error("Path traversal attack detected, invalid resource name: {}", outFile.getPath());
+			LOG.error("Invalid resource name or path traversal attack detected: {}", outFile.getPath());
 			return;
 		}
 		saveToFile(rc, outFile);

--- a/jadx-plugins/jadx-plugins-api/src/main/java/jadx/api/plugins/utils/ZipSecurity.java
+++ b/jadx-plugins/jadx-plugins-api/src/main/java/jadx/api/plugins/utils/ZipSecurity.java
@@ -53,10 +53,10 @@ public class ZipSecurity {
 			if (isInSubDirectoryInternal(currentPath, canonical)) {
 				return true;
 			}
-			LOG.error("Path traversal attack detected, invalid name: {}", entryName);
+			LOG.error("Invalid file name or path traversal attack detected: {}", entryName);
 			return false;
 		} catch (Exception e) {
-			LOG.error("Path traversal attack detected, invalid name: {}", entryName);
+			LOG.error("Invalid file name or path traversal attack detected: {}", entryName);
 			return false;
 		}
 	}