function Archive_Tar::_maliciousFilename
7.x system.tar.inc | Archive_Tar::_maliciousFilename($file) |
Detect and report a malicious file name
@access private
Parameters
string $file:
Return value
bool
2 calls to Archive_Tar::_maliciousFilename()
- Archive_Tar::_readHeader in drupal-7.x/
modules/ system/ system.tar.inc - Archive_Tar::_readLongHeader in drupal-7.x/
modules/ system/ system.tar.inc
File
- drupal-7.x/
modules/ system/ system.tar.inc, line 1363
Class
- Archive_Tar
- Creates a (compressed) Tar archive *
Code
function _maliciousFilename($file)
{
if (strpos($file, '/../') !== false) {
return true;
}
if (strpos($file, '../') === 0) {
return true;
}
return false;
}