src/pxar/sequential_decoder.rs: Also check for nul bytes when reading the filename
Check if the filename does not contain invalid nul byes when reading it from the archive. Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
This commit is contained in:
parent
4204e53560
commit
894cd49ac4
@ -129,8 +129,8 @@ impl <'a, R: Read, F: Fn(&Path) -> Result<(), Error>> SequentialDecoder<'a, R, F
|
|||||||
bail!("found invalid filename '.' or '..'.");
|
bail!("found invalid filename '.' or '..'.");
|
||||||
}
|
}
|
||||||
|
|
||||||
if buffer.iter().find(|b| (**b == b'/')).is_some() {
|
if buffer.iter().find(|b| (**b == b'/' || **b == b'\0')).is_some() {
|
||||||
bail!("found invalid filename with slashes.");
|
bail!("found invalid filename with slashes or nul bytes.");
|
||||||
}
|
}
|
||||||
|
|
||||||
let name = std::ffi::OsString::from_vec(buffer);
|
let name = std::ffi::OsString::from_vec(buffer);
|
||||||
|
Loading…
Reference in New Issue
Block a user