chromium_src.git - central chromium sources

diff options

author	cevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2009-07-23 22:31:42 +0000
committer	cevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2009-07-23 22:31:42 +0000
commit	62a206d0ac3305edb0b4c0a7a681c1e8024fe159 (patch)
tree	11b49d1a4bf0b33b8a7f99428973e31d0cb5df38 /build
parent	686dd8db46810742a3eeec888c293aa528d4a938 (diff)
download	chromium_src-62a206d0ac3305edb0b4c0a7a681c1e8024fe159.zip chromium_src-62a206d0ac3305edb0b4c0a7a681c1e8024fe159.tar.gz chromium_src-62a206d0ac3305edb0b4c0a7a681c1e8024fe159.tar.bz2

Avoid directory traversal attacks when unpacking zips. The sandbox would tend

to catch & deny this, but the Linux and Mac port does not yet do extension packing inside the sandbox. Therefore, reject any filenames in the zip which have .. in them. BUG=NONE TEST=ZipTest.UnzipEvil Review URL: http://codereview.chromium.org/160028 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@21460 0039d316-1c4b-4281-b951-d872f2087c98

Diffstat (limited to 'build')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: