ADFA-2590 Fix unzip hygiene

[hal-eisen-adfa]

Improve Path Validation
Add Entry Name Sanitization
Align with Existing Patterns

[coderabbitai]

📝 Walkthrough

Release Notes - ADFA-2590: Fix unzip hygiene

Security Improvements

• Path traversal attack mitigation: Implemented comprehensive validation of ZipEntry paths to prevent directory traversal attacks during AAR extraction
• Dangerous path pattern detection: Added checks to reject entries containing .., leading /, or leading \ characters that could be used for path traversal
• Secure path resolution: Replaced direct File-based path construction with Java NIO Path API using resolve() and normalize() for proper path handling
• Output containment validation: Added Path.startsWith() check to ensure all extracted files remain within the intended target directory (versionedUnzipDir)
• Absolute path normalization: Normalized and converted the target directory to an absolute path before processing entries, ensuring consistent path comparisons

Changes Made

• Added java.nio.file.Path import to support secure path operations
• Enhanced unzip process for Llama AAR with 19 lines added and 1 line removed
• Maintained existing error handling and cleanup logic (recursive deletion on failures)

Risk Considerations

⚠️ None identified - These are purely defensive security improvements with no breaking changes to the public API or existing functionality

Walkthrough

This PR enhances security in the DynamicLibraryLoader.kt by adding path traversal prevention during Llama AAR unzipping. It validates and normalizes ZipEntry paths, computes absolute normalized destinations, and uses Path-based validation to ensure extracted files remain within the intended directory.

Changes

Cohort / File(s)	Summary
Path Traversal Prevention app/src/main/java/com/itsaky/androidide/utils/DynamicLibraryLoader.kt	Adds validation for ZipEntry paths with dangerous pattern detection (.., leading slashes); computes normalized unzip destination directory; replaces File-based path construction with Path-based validation using Path.startsWith; throws IllegalStateException on traversal violations.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• ADFA-2589 Fix unzip hygiene  #848 — Implements the same path-sanitization fix pattern (normalizing destinations, validating entry names, using Path.startsWith) in a different module, enabling consistency across unzip operations.

Suggested reviewers

• itsaky-adfa
• jatezzz
• Daniel-ADFA
• dara-abijo-adfa

Poem

🐰 A path traversal scheme most dire,
Now blocked by validation's fire!
Normalized dirs and checks so keen,
Keep extraction clean and lean.
Security hops through every file,
Making safety's worth worthwhile! 🛡️

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'ADFA-2590 Fix unzip hygiene' is directly related to the changeset, which focuses on fixing security issues in the unzipping process for the Llama AAR file.
Description check	✅ Passed	The description outlines three key aspects (Path Validation, Entry Name Sanitization, and Alignment with Existing Patterns) that align with the actual changes made to the unzip functionality.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}