OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "third_party/zlib/google/zip_reader.h" | 5 #include "third_party/zlib/google/zip_reader.h" |
6 | 6 |
7 #include "base/file_util.h" | 7 #include "base/file_util.h" |
8 #include "base/logging.h" | 8 #include "base/logging.h" |
9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
10 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
(...skipping 21 matching lines...) Expand all Loading... |
32 original_size_ = raw_file_info.uncompressed_size; | 32 original_size_ = raw_file_info.uncompressed_size; |
33 | 33 |
34 // Directory entries in zip files end with "/". | 34 // Directory entries in zip files end with "/". |
35 is_directory_ = EndsWith(file_name_in_zip, "/", false); | 35 is_directory_ = EndsWith(file_name_in_zip, "/", false); |
36 | 36 |
37 // Check the file name here for directory traversal issues. | 37 // Check the file name here for directory traversal issues. |
38 is_unsafe_ = file_path_.ReferencesParent(); | 38 is_unsafe_ = file_path_.ReferencesParent(); |
39 | 39 |
40 // We also consider that the file name is unsafe, if it's invalid UTF-8. | 40 // We also consider that the file name is unsafe, if it's invalid UTF-8. |
41 base::string16 file_name_utf16; | 41 base::string16 file_name_utf16; |
42 if (!UTF8ToUTF16(file_name_in_zip.data(), file_name_in_zip.size(), | 42 if (!base::UTF8ToUTF16(file_name_in_zip.data(), file_name_in_zip.size(), |
43 &file_name_utf16)) { | 43 &file_name_utf16)) { |
44 is_unsafe_ = true; | 44 is_unsafe_ = true; |
45 } | 45 } |
46 | 46 |
47 // We also consider that the file name is unsafe, if it's absolute. | 47 // We also consider that the file name is unsafe, if it's absolute. |
48 // On Windows, IsAbsolute() returns false for paths starting with "/". | 48 // On Windows, IsAbsolute() returns false for paths starting with "/". |
49 if (file_path_.IsAbsolute() || StartsWithASCII(file_name_in_zip, "/", false)) | 49 if (file_path_.IsAbsolute() || StartsWithASCII(file_name_in_zip, "/", false)) |
50 is_unsafe_ = true; | 50 is_unsafe_ = true; |
51 | 51 |
52 // Construct the last modified time. The timezone info is not present in | 52 // Construct the last modified time. The timezone info is not present in |
53 // zip files, so we construct the time as local time. | 53 // zip files, so we construct the time as local time. |
(...skipping 253 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
307 } | 307 } |
308 | 308 |
309 void ZipReader::Reset() { | 309 void ZipReader::Reset() { |
310 zip_file_ = NULL; | 310 zip_file_ = NULL; |
311 num_entries_ = 0; | 311 num_entries_ = 0; |
312 reached_end_ = false; | 312 reached_end_ = false; |
313 current_entry_info_.reset(); | 313 current_entry_info_.reset(); |
314 } | 314 } |
315 | 315 |
316 } // namespace zip | 316 } // namespace zip |
OLD | NEW |