icedream
/
gmadsharp
mirror of https://github.com/icedream/gmadsharp.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Just a tiny bit of extra security.

master
Icedream 2014-12-11 05:36:03 +01:00
parent a183baebb4
commit d247c85ee9
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/addoncreator/Program.cs
View File

@ -103,7 +103,7 @@ namespace GarrysMod.AddonCreator
// extract files
foreach (var file in addon.Files)
{
var relpath = file.Key;
var relpath = file.Key.Replace(Path.DirectorySeparatorChar, '/');
var targetFile =
new FileInfo(Path.Combine(folder.FullName,
relpath.Replace('/', Path.DirectorySeparatorChar)));
@ -112,8 +112,8 @@ namespace GarrysMod.AddonCreator
// create directory
var dir = targetFile.Directory;
if (dir == null)
continue; // I still need to think about the weird logic here
if (dir == null || relpath.Contains("../"))
continue; // relative path trying to be sneaky here
dir.Create();
// create file