--- file_not_specified_in_diff
+++ file_not_specified_in_diff
@@ -, +, @@
--- gzip.c
+++ gzip.c
@@ -1319,6 +1319,19 @@
 char *base = p;
 for (;;) {
 *p = (char)get_char();
+
+ /* Don't allow embedded names to contain paths. */
+ if (*p == PATH_SEP
+#ifdef PATH_SEP2
+ || *p == PATH_SEP2
+#endif
+#ifdef PATH_SEP3
+ || *p == PATH_SEP3
+#endif
+ ) {
+ p = base;
+ continue;
+ }
 if (*p++ == '\0') break;
 if (p >= ofname+sizeof(ofname)) {
 error("corrupted input -- file name too large");
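Review bot: A stored name that ends in a separator leaves `base` empty when the terminating NUL arrives, and a last component of `.` or `..` passes through unchanged, because the new check only rewinds `p` to `base` each time a separator byte is read. The loop and the code that later uses `ofname` lie outside this hunk, so whether an empty or dot-only name is caught downstream cannot be confirmed from here. If it is not, a check placed right after the loop would close the gap, for example `if (*base == '\0') error("corrupted input -- empty file name");`, with a matching comparison against `"."` and `".."`. The comment would also read better if it said why, e.g. `/* The name is read from the input stream and is untrusted; keep only its last component. */`.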