diff options
author | Michael Stahl <michael.stahl@allotropia.de> | 2024-07-04 14:07:25 +0200 |
---|---|---|
committer | Michael Stahl <michael.stahl@allotropia.de> | 2024-07-05 10:16:57 +0200 |
commit | 6f547b36ee56b2ddebcb400e7336b9d80af7de4c (patch) | |
tree | 98bb0a5d410b6ebce888a65845755e07e64d566c | |
parent | 3bb5b8558f6a6482d87d4fbacd65efc9fdb7e5af (diff) |
comphelper: treat zip file path segments '.' and '..' as invalid
This will prevent also opening with RepairPackage, would need to adapt
ZipPackage::getZipFileContents() a bit, but let's hope nobody acutally
has such files.
Also treat path that starts with "/" as invalid, presumably it's not
allowed by APPNOTE.TXT:
"The name of the file, with optional relative path."
Change-Id: Ic694ea2fb34f5de1d490a9a251cf56e4004e9673
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/169994
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Tested-by: Jenkins
(cherry picked from commit 6005260078c126bf3f1cf4d6f1ebb631453f5ac7)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/169963
-rw-r--r-- | comphelper/source/misc/storagehelper.cxx | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/comphelper/source/misc/storagehelper.cxx b/comphelper/source/misc/storagehelper.cxx index b00e8c543752..b0b7897fd2ab 100644 --- a/comphelper/source/misc/storagehelper.cxx +++ b/comphelper/source/misc/storagehelper.cxx @@ -566,10 +566,17 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreateGpgPackageEncryptionDat bool OStorageHelper::IsValidZipEntryFileName( std::u16string_view aName, bool bSlashAllowed ) { + long nDots{0}; for ( size_t i = 0; i < aName.size(); i++ ) { switch ( aName[i] ) { + case '.': + if (nDots != -1) + { + ++nDots; + } + break; case '\\': case '?': case '<': @@ -579,15 +586,17 @@ bool OStorageHelper::IsValidZipEntryFileName( std::u16string_view aName, bool bS case ':': return false; case '/': - if ( !bSlashAllowed ) + if (!bSlashAllowed || nDots == 1 || nDots == 2 || i == 0) return false; + nDots = 0; break; default: + nDots = -1; if ( aName[i] < 32 || (aName[i] >= 0xD800 && aName[i] <= 0xDFFF) ) return false; } } - return true; + return nDots != 1 && nDots != 2; } |