diff options
Diffstat (limited to 'chrome/common/zip.cc')
| -rw-r--r-- | chrome/common/zip.cc | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/chrome/common/zip.cc b/chrome/common/zip.cc index 6909cc6..9c0adea 100644 --- a/chrome/common/zip.cc +++ b/chrome/common/zip.cc @@ -29,6 +29,11 @@ static bool ExtractCurrentFile(unzFile zip_file, if (filename_inzip[0] == '\0') return false; + // Check the filename here for directory traversal issues. In the name of + // simplicity and security, we might reject a valid filename such as "a..b" + if (strstr(filename_inzip, "..") != NULL) + return false; + err = unzOpenCurrentFile(zip_file); if (err != UNZ_OK) return false; |