|
Lines 181-186
Link Here
|
| 181 |
|
181 |
|
| 182 |
void Job::onEntry(Archive::Entry *entry) |
182 |
void Job::onEntry(Archive::Entry *entry) |
| 183 |
{ |
183 |
{ |
|
|
184 |
const QString entryFullPath = entry->fullPath(); |
| 185 |
if (QDir::cleanPath(entryFullPath).contains(QLatin1String("../"))) { |
| 186 |
qCWarning(ARK) << "Possibly malicious archive. Detected entry that could lead to a directory traversal attack:" << entryFullPath; |
| 187 |
onError(i18n("Could not load the archive because it contains ill-formed entries and might be a malicious archive."), QString()); |
| 188 |
onFinished(false); |
| 189 |
return; |
| 190 |
} |
| 191 |
|
| 184 |
emit newEntry(entry); |
192 |
emit newEntry(entry); |
| 185 |
} |
193 |
} |
| 186 |
|
194 |
|
