summaryrefslogtreecommitdiff
path: root/filter
diff options
context:
space:
mode:
authorMikhail Voytenko <mav@openoffice.org>2010-08-10 11:05:20 +0200
committerMikhail Voytenko <mav@openoffice.org>2010-08-10 11:05:20 +0200
commit284ee8838d76f1f2d9db52a8b3f70876daba97ad (patch)
treef81f5d14e0d4a3d1f6abdc706e5d053b67efda51 /filter
parented873a73fde10c2a9511388024bef97522517cf4 (diff)
mav56: #163253# tread invalid path segments correctly
Diffstat (limited to 'filter')
-rw-r--r--filter/source/xsltdialog/xmlfilterjar.cxx8
1 files changed, 8 insertions, 0 deletions
diff --git a/filter/source/xsltdialog/xmlfilterjar.cxx b/filter/source/xsltdialog/xmlfilterjar.cxx
index 5592c331713f..0a01310b3b40 100644
--- a/filter/source/xsltdialog/xmlfilterjar.cxx
+++ b/filter/source/xsltdialog/xmlfilterjar.cxx
@@ -101,6 +101,10 @@ static OUString encodeZipUri( const OUString& rURI )
static Reference< XInterface > addFolder( Reference< XInterface >& xRootFolder, Reference< XSingleServiceFactory >& xFactory, const OUString& rName ) throw( Exception )
{
+ if ( rName.equals( OUString( RTL_CONSTASCII_USTRINGPARAM( ".." ) ) )
+ || rName.equals( OUString( RTL_CONSTASCII_USTRINGPARAM( "." ) ) ) )
+ throw lang::IllegalArgumentException();
+
Sequence< Any > aArgs(1);
aArgs[0] <<= (sal_Bool)sal_True;
@@ -362,6 +366,10 @@ bool XMLFilterJarHelper::copyFile( Reference< XHierarchicalNameAccess > xIfc, OU
{
OUString szPackagePath( encodeZipUri( rURL.copy( sVndSunStarPackage.getLength() ) ) );
+ if ( ::comphelper::OStorageHelper::PathHasSegment( szPackagePath, OUString( RTL_CONSTASCII_USTRINGPARAM( ".." ) ) )
+ || ::comphelper::OStorageHelper::PathHasSegment( szPackagePath, OUString( RTL_CONSTASCII_USTRINGPARAM( "." ) ) ) )
+ throw lang::IllegalArgumentException();
+
if( xIfc->hasByHierarchicalName( szPackagePath ) )
{
Reference< XActiveDataSink > xFileEntry;