merge changes for 5.0.5-release

author: Oz Linden <oz@lindenlab.com> 2017-05-23 04:56:13 -0400
committer: Oz Linden <oz@lindenlab.com> 2017-05-23 04:56:13 -0400
commit: 069dd355f90116b500065b40bfb36622be1faee5 (patch)
tree: fe6cf12e89a715f46cf4e95ad91a5cf7f0e0c8a9 /indra/llvfs
parent: f9e049c9e5cc01b464e66cab3e34e33864946c0c (diff)
parent: 48af8529a80052e9bc42f81f36896739f8aff861 (diff)
1 files changed, 9 insertions, 2 deletions
diff --git a/indra/llvfs/lldir.cpp b/indra/llvfs/lldir.cpp
index 86a15f2ef2..924e1166ee 100644
--- a/indra/llvfs/lldir.cpp
+++ b/indra/llvfs/lldir.cpp
@@ -720,6 +720,15 @@ std::vector<std::string> LLDir::findSkinnedFilenames(const std::string& subdir,
 					   << ((constraint == CURRENT_SKIN)? "CURRENT_SKIN" : "ALL_SKINS")
 					   << LL_ENDL;
 
+	// Build results vector.
+	std::vector<std::string> results;
+	// Disallow filenames that may escape subdir
+	if (filename.find("..") != std::string::npos)
+	{
+		LL_WARNS("LLDir") << "Ignoring potentially relative filename '" << filename << "'" << LL_ENDL;
+		return results;
+	}
+
 	// Cache the default language directory for each subdir we've encountered.
 	// A cache entry whose value is the empty string means "not localized,
 	// don't bother checking again."
@@ -784,8 +793,6 @@ std::vector<std::string> LLDir::findSkinnedFilenames(const std::string& subdir,
 		}
 	}
 
-	// Build results vector.
-	std::vector<std::string> results;
 	// The process we use depends on 'constraint'.
 	if (constraint != CURRENT_SKIN) // meaning ALL_SKINS
 	{
author	Oz Linden <oz@lindenlab.com>	2017-05-23 04:56:13 -0400
committer	Oz Linden <oz@lindenlab.com>	2017-05-23 04:56:13 -0400
commit	069dd355f90116b500065b40bfb36622be1faee5 (patch)
tree	fe6cf12e89a715f46cf4e95ad91a5cf7f0e0c8a9 /indra/llvfs
parent	f9e049c9e5cc01b464e66cab3e34e33864946c0c (diff)
parent	48af8529a80052e9bc42f81f36896739f8aff861 (diff)