Commit
Sanitize zip entry paths in purchase download grants
Commit details
Commit notes
Creator-controlled folder paths and display names were written into zip entries unvalidated, so a malicious pack could produce archive entries like ../../etc/passwd. Add sanitizeZipFileName/sanitizeZipFolderPath (strip traversal segments, path separators, control chars, reserved chars; cap depth and length) with unit tests, and apply them in the download-grant zip builder.
[private session redacted]
- Files changed
- 3
- Lines added
- +104
- Lines removed
- −3