private function Archive_Tar::_isMaliciousFilename in Drupal 7
Detect and report a malicious file name
Parameters
string $file:
Return value
bool
2 calls to Archive_Tar::_isMaliciousFilename()
- Archive_Tar::_readHeader in modules/
system/ system.tar.inc - Archive_Tar::_readLongHeader in modules/
system/ system.tar.inc
File
- modules/
system/ system.tar.inc, line 1861
Class
Code
private function _isMaliciousFilename($file) {
if (strpos($file, '://') !== false) {
return true;
}
if (strpos($file, '../') !== false || strpos($file, '..\\') !== false) {
return true;
}
return false;
}