Merge pull request #1546 from LennyMcLennington/fix/dont-unzip-invalid-filenames

fix(MMCZip): ignore invalid file paths in extractSubDir
2023-02-10 01:17:49 +00:00 · 2023-02-10 01:17:49 +00:00 · 4398cb5dc5
commit 4398cb5dc5
parent 7b547c842c 9f457e0ce6
1 changed files with 6 additions and 1 deletions
--- a/launcher/MMCZip.cpp
+++ b/launcher/MMCZip.cpp
@ -292,10 +292,15 @@ std::optional<QStringList> MMCZip::extractSubDir(QuaZip *zip, const QString & su
    do
    {
        QString name = zip->getCurrentFileName();
-        if(!name.startsWith(subdir))
+        if(!QDir::cleanPath(name).startsWith(subdir))
        {
            continue;
        }
+        if (QDir::isAbsolutePath(name) || QDir::cleanPath(name).startsWith(".."))
+        {
+            qDebug() << "extractSubDir: Skipping file that tries to place itself in an absolute location or in a parent directory.";
+            continue;
+        }

        name.remove(0, subdir.size());
        auto original_name = name;