summaryrefslogtreecommitdiff
path: root/filter/source/xsltdialog/xmlfilterjar.cxx
diff options
context:
space:
mode:
Diffstat (limited to 'filter/source/xsltdialog/xmlfilterjar.cxx')
-rw-r--r--filter/source/xsltdialog/xmlfilterjar.cxx8
1 files changed, 8 insertions, 0 deletions
diff --git a/filter/source/xsltdialog/xmlfilterjar.cxx b/filter/source/xsltdialog/xmlfilterjar.cxx
index 5592c331713f..0a01310b3b40 100644
--- a/filter/source/xsltdialog/xmlfilterjar.cxx
+++ b/filter/source/xsltdialog/xmlfilterjar.cxx
@@ -101,6 +101,10 @@ static OUString encodeZipUri( const OUString& rURI )
static Reference< XInterface > addFolder( Reference< XInterface >& xRootFolder, Reference< XSingleServiceFactory >& xFactory, const OUString& rName ) throw( Exception )
{
+ if ( rName.equals( OUString( RTL_CONSTASCII_USTRINGPARAM( ".." ) ) )
+ || rName.equals( OUString( RTL_CONSTASCII_USTRINGPARAM( "." ) ) ) )
+ throw lang::IllegalArgumentException();
+
Sequence< Any > aArgs(1);
aArgs[0] <<= (sal_Bool)sal_True;
@@ -362,6 +366,10 @@ bool XMLFilterJarHelper::copyFile( Reference< XHierarchicalNameAccess > xIfc, OU
{
OUString szPackagePath( encodeZipUri( rURL.copy( sVndSunStarPackage.getLength() ) ) );
+ if ( ::comphelper::OStorageHelper::PathHasSegment( szPackagePath, OUString( RTL_CONSTASCII_USTRINGPARAM( ".." ) ) )
+ || ::comphelper::OStorageHelper::PathHasSegment( szPackagePath, OUString( RTL_CONSTASCII_USTRINGPARAM( "." ) ) ) )
+ throw lang::IllegalArgumentException();
+
if( xIfc->hasByHierarchicalName( szPackagePath ) )
{
Reference< XActiveDataSink > xFileEntry;
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-26 07:30:41 +0000