do not allow zip files to have upward relative path sections
kevinhendricks committed Jun 26, 2019
1 parent ea7f27d commit 369eebe
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions src/Importers/ImportEPUB.cpp
Expand Up @@ -424,6 +424,14 @@ void ImportEPUB::ExtractContainer()

// If there is no file name then we can't do anything with it.
if (!qfile_name.isEmpty()) {

// for security reasons we need the file path to always be inside the
// target folder and not outside, so we will remove all relative upward
// paths segments ".." from the file path before prepending the target
// folder to create the final target path
qfile_name = qfile_name.replace("../","");
cp437_file_name = cp437_file_name.replace("../","");

// We use the dir object to create the path in the temporary directory.
// Unfortunately, we need a dir ojbect to do this as it's not a static function.
QDir dir(m_ExtractedFolderPath);
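
Review bot: The two added `replace("../","")` calls make a single pass over the name, so a name with nested or overlapping segments can still contain `../` after the removal, and the check ignores `..\` separators, a trailing `..` with no slash, and absolute paths. Rather than rewriting the entry name, build the final path first, normalise it (for example with `QDir::cleanPath` on the result of `dir.absoluteFilePath(qfile_name)`), and skip or fail the entry unless the normalised path starts with `m_ExtractedFolderPath` followed by a separator. Rejecting the entry also avoids silently extracting a file under a different name than the one the archive declared, which the current stripping does. As a minor style point, `QString::replace` modifies the string in place, so assigning the result back to `qfile_name` and `cp437_file_name` is redundant.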