You are here

Home » API reference » Drupal 7 » system.tar.inc » Archive_Tar

private function Archive_Tar::_isMaliciousFilename in Drupal 7

Detect and report a malicious file name

Parameters

string $file:

Return value

bool

2 calls to Archive_Tar::_isMaliciousFilename()
Archive_Tar::_readHeader in modules/system/system.tar.inc
Archive_Tar::_readLongHeader in modules/system/system.tar.inc

File

modules/system/system.tar.inc, line 1861

Class

Archive_Tar

Code

private function _isMaliciousFilename($file) {
  if (strpos($file, '://') !== false) {
    return true;
  }
  if (strpos($file, '../') !== false || strpos($file, '..\\') !== false) {
    return true;
  }
  return false;
}