function Archive_Tar::_isMaliciousFilename

Detect and report a malicious file name

Parameters

string $file:

Return value

bool

2 calls to Archive_Tar::_isMaliciousFilename()

Archive_Tar::_readHeader in vendor/pear/archive_tar/Archive/Tar.php

Archive_Tar::_readLongHeader in vendor/pear/archive_tar/Archive/Tar.php

File

vendor/pear/archive_tar/Archive/Tar.php, line 1807

Class

Archive_Tar

Creates a (compressed) Tar archive

Code

private function _isMaliciousFilename($file) {
    if (strpos($file, '://') !== false) {
        return true;
    }
    if (strpos($file, '../') !== false || strpos($file, '..\\') !== false) {
        return true;
    }
    return false;
}