Documentation & API reference
function ArchiveTar::_maliciousFilename
Detect and report a malicious file name
@access private
Parameters
string $file:
Return value
bool
2 calls to ArchiveTar::_maliciousFilename()
- ArchiveTar::_readHeader in drupal/
core/ lib/ Drupal/ Component/ Archiver/ ArchiveTar.php - ArchiveTar::_readLongHeader in drupal/
core/ lib/ Drupal/ Component/ Archiver/ ArchiveTar.php
File
- drupal/
core/ lib/ Drupal/ Component/ Archiver/ ArchiveTar.php, line 1367
Class
- ArchiveTar
- Creates a (compressed) Tar archive
Namespace
Drupal\Component\ArchiverCode
function _maliciousFilename($file) {
if (strpos($file, '/../') !== false) {
return true;
}
if (strpos($file, '../') === 0) {
return true;
}
return false;
}