Automated merge with head of lindenlab/viewer64

author: Callum Prentice <callum@gmail.com> 2017-06-08 15:36:42 -0700
committer: Callum Prentice <callum@gmail.com> 2017-06-08 15:36:42 -0700
commit: 07185d300d7879fc4d8d268210fa2c440efe02f4 (patch)
tree: 761fcb3e968339bc04882ea591f56af2fb175187 /indra/llvfs
parent: 8d36da00c885f31739ce6bf6dbc162a6ef3a15a1 (diff)
parent: cf5865c6e2b27918b526431ccc4309bfc702534e (diff)
1 files changed, 9 insertions, 2 deletions
diff --git a/indra/llvfs/lldir.cpp b/indra/llvfs/lldir.cpp
index 86a15f2ef2..924e1166ee 100644
--- a/indra/llvfs/lldir.cpp
+++ b/indra/llvfs/lldir.cpp
@@ -720,6 +720,15 @@ std::vector<std::string> LLDir::findSkinnedFilenames(const std::string& subdir,
 					   << ((constraint == CURRENT_SKIN)? "CURRENT_SKIN" : "ALL_SKINS")
 					   << LL_ENDL;
 
+	// Build results vector.
+	std::vector<std::string> results;
+	// Disallow filenames that may escape subdir
+	if (filename.find("..") != std::string::npos)
+	{
+		LL_WARNS("LLDir") << "Ignoring potentially relative filename '" << filename << "'" << LL_ENDL;
+		return results;
+	}
+
 	// Cache the default language directory for each subdir we've encountered.
 	// A cache entry whose value is the empty string means "not localized,
 	// don't bother checking again."
@@ -784,8 +793,6 @@ std::vector<std::string> LLDir::findSkinnedFilenames(const std::string& subdir,
 		}
 	}
 
-	// Build results vector.
-	std::vector<std::string> results;
 	// The process we use depends on 'constraint'.
 	if (constraint != CURRENT_SKIN) // meaning ALL_SKINS
 	{
author	Callum Prentice <callum@gmail.com>	2017-06-08 15:36:42 -0700
committer	Callum Prentice <callum@gmail.com>	2017-06-08 15:36:42 -0700
commit	07185d300d7879fc4d8d268210fa2c440efe02f4 (patch)
tree	761fcb3e968339bc04882ea591f56af2fb175187 /indra/llvfs
parent	8d36da00c885f31739ce6bf6dbc162a6ef3a15a1 (diff)
parent	cf5865c6e2b27918b526431ccc4309bfc702534e (diff)