private function Archive_Tar::_maliciousFilename

Detect and report a malicious file name

Parameters

string $file:

Return value

bool

2 calls to Archive_Tar::_maliciousFilename()
Archive_Tar::_readHeader in drupal/modules/system/system.tar.inc
Archive_Tar::_readLongHeader in drupal/modules/system/system.tar.inc

File

drupal/modules/system/system.tar.inc, line 1806

Class

Archive_Tar

Code

private function _maliciousFilename($file) {
  if (strpos($file, '/../') !== false) {
    return true;
  }
  if (strpos($file, '../') === 0) {
    return true;
  }
  return false;
}