normalize out unicode ligatures

Fix: GHSA-r6q2-hw4h-h46w

Author: isaacs

src/normalize-unicode.ts

@@ -9,7 +9,11 @@ const MAX = 10000
 const cache = new Set<string>()
 export const normalizeUnicode = (s: string): string => {
   if (!cache.has(s)) {
-    normalizeCache[s] = s.normalize('NFD')
+    // shake out identical accents and ligatures
+    normalizeCache[s] = s
+      .normalize('NFD')
+      .toLocaleLowerCase('en')
+      .toLocaleUpperCase('en')
   } else {
     cache.delete(s)
   }

src/path-reservations.ts

@@ -56,9 +56,7 @@ export class PathReservations {
         ['win32 parallelization disabled']
       : paths.map(p => {
           // don't need normPath, because we skip this entirely for windows
-          return stripTrailingSlashes(
-            join(normalizeUnicode(p)),
-          ).toLowerCase()
+          return stripTrailingSlashes(join(normalizeUnicode(p)))
         })
 
     const dirs = new Set<string>(

tap-snapshots/test/normalize-unicode.js-win32.test.cjs

@@ -6,25 +6,25 @@
  */
 'use strict'
 exports[`test/normalize-unicode.js win32 > TAP > normalize with strip slashes > "＼＼＼＼＼eee＼＼＼＼＼＼" > normalized 1`] = `
-＼＼＼＼＼eee＼＼＼＼＼＼
+＼＼＼＼＼EEE＼＼＼＼＼＼
 `
 
 exports[`test/normalize-unicode.js win32 > TAP > normalize with strip slashes > "\\\\a\\\\b\\\\c\\\\d\\\\" > normalized 1`] = `
-/a/b/c/d
+/A/B/C/D
 `
 
 exports[`test/normalize-unicode.js win32 > TAP > normalize with strip slashes > "﹨aaaa﹨dddd﹨" > normalized 1`] = `
-﹨aaaa﹨dddd﹨
+﹨AAAA﹨DDDD﹨
 `
 
 exports[`test/normalize-unicode.js win32 > TAP > normalize with strip slashes > "＼bbb＼eee＼" > normalized 1`] = `
-＼bbb＼eee＼
+＼BBB＼EEE＼
 `
 
 exports[`test/normalize-unicode.js win32 > TAP > normalize with strip slashes > "1/4foo.txt" > normalized 1`] = `
-1/4foo.txt
+1/4FOO.TXT
 `
 
 exports[`test/normalize-unicode.js win32 > TAP > normalize with strip slashes > "¼foo.txt" > normalized 1`] = `
-¼foo.txt
+¼FOO.TXT
 `

test/ghsa-8qq5-rm4j-mr97.ts

@@ -42,7 +42,10 @@ t.test('verify that linkpaths get sanitized properly', async t => {
   })
 
   writeFileSync(resolve(out, 'exploit_hard'), 'OVERWRITTEN')
-  t.equal(readFileSync(resolve(dir, 'secret.txt'), 'utf8'), 'ORIGINAL DATA')
+  t.equal(
+    readFileSync(resolve(dir, 'secret.txt'), 'utf8'),
+    'ORIGINAL DATA',
+  )
 
   t.not(readlinkSync(resolve(out, 'exploit_sym')), targetSym)
 })

test/ghsa-r6q2-hw4h-h46w.ts

@@ -0,0 +1,71 @@
+import t from 'tap'
+import { normalizeUnicode } from '../src/normalize-unicode.js'
+import { Header } from '../src/header.js'
+import { extract } from '../src/extract.js'
+import { resolve } from 'node:path'
+import { lstatSync, readFileSync, statSync } from 'node:fs'
+
+// these characters are problems on macOS's APFS
+const chars = {
+  ['ff'.normalize('NFC')]: 'FF',
+  ['fi'.normalize('NFC')]: 'FI',
+  ['fl'.normalize('NFC')]: 'FL',
+  ['ffi'.normalize('NFC')]: 'FFI',
+  ['ffl'.normalize('NFC')]: 'FFL',
+  ['ſt'.normalize('NFC')]: 'ST',
+  ['st'.normalize('NFC')]: 'ST',
+  ['ẛ'.normalize('NFC')]: 'Ṡ',
+  ['ß'.normalize('NFC')]: 'SS',
+  ['ẞ'.normalize('NFC')]: 'SS',
+  ['ſ'.normalize('NFC')]: 'S',
+}
+
+for (const [c, n] of Object.entries(chars)) {
+  t.test(`${c} => ${n}`, async t => {
+    t.equal(normalizeUnicode(c), n)
+
+    t.test('link then file', async t => {
+      const tarball = Buffer.alloc(2048)
+      new Header({
+        path: c,
+        type: 'SymbolicLink',
+        linkpath: './target',
+      }).encode(tarball, 0)
+      new Header({
+        path: n,
+        type: 'File',
+        size: 1,
+      }).encode(tarball, 512)
+      tarball[1024] = 'x'.charCodeAt(0)
+
+      const cwd = t.testdir({ tarball })
+
+      await extract({ cwd, file: resolve(cwd, 'tarball') })
+
+      t.throws(() => statSync(resolve(cwd, 'target')))
+      t.equal(readFileSync(resolve(cwd, n), 'utf8'), 'x')
+    })
+
+    t.test('file then link', { saveFixture: true }, async t => {
+      const tarball = Buffer.alloc(2048)
+      new Header({
+        path: n,
+        type: 'File',
+        size: 1,
+      }).encode(tarball, 0)
+      tarball[512] = 'x'.charCodeAt(0)
+      new Header({
+        path: c,
+        type: 'SymbolicLink',
+        linkpath: './target',
+      }).encode(tarball, 1024)
+
+      const cwd = t.testdir({ tarball })
+
+      await extract({ cwd, file: resolve(cwd, 'tarball') })
+
+      t.throws(() => statSync(resolve(cwd, 'target')))
+      t.equal(lstatSync(resolve(cwd, c)).isSymbolicLink(), true)
+    })
+  })
+}

test/normalize-unicode.js

@@ -21,7 +21,7 @@ t.equal(
   'matching unicodes',
 )
 t.equal(normalizeUnicode(cafe1), normalizeUnicode(cafe2), 'cached')
-t.equal(normalizeUnicode('foo'), 'foo', 'non-unicode string')
+t.equal(normalizeUnicode('foo'), 'FOO', 'non-unicode string')
 
 if (fakePlatform === 'win32') {
   t.test('normalize with strip slashes', t => {