Lines 181-186
Link Here
|
181 |
|
181 |
|
182 |
void Job::onEntry(Archive::Entry *entry) |
182 |
void Job::onEntry(Archive::Entry *entry) |
183 |
{ |
183 |
{ |
|
|
184 |
const QString entryFullPath = entry->fullPath(); |
185 |
if (QDir::cleanPath(entryFullPath).contains(QLatin1String("../"))) { |
186 |
qCWarning(ARK) << "Possibly malicious archive. Detected entry that could lead to a directory traversal attack:" << entryFullPath; |
187 |
onError(i18n("Could not load the archive because it contains ill-formed entries and might be a malicious archive."), QString()); |
188 |
onFinished(false); |
189 |
return; |
190 |
} |
191 |
|
184 |
emit newEntry(entry); |
192 |
emit newEntry(entry); |
185 |
} |
193 |
} |
186 |
|
194 |
|