summaryrefslogtreecommitdiff
path: root/indra/newview/llviewermessage.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'indra/newview/llviewermessage.cpp')
-rw-r--r--indra/newview/llviewermessage.cpp5
1 files changed, 5 insertions, 0 deletions
diff --git a/indra/newview/llviewermessage.cpp b/indra/newview/llviewermessage.cpp
index b6c524065c..72bc991a24 100644
--- a/indra/newview/llviewermessage.cpp
+++ b/indra/newview/llviewermessage.cpp
@@ -5157,6 +5157,11 @@ void process_initiate_download(LLMessageSystem* msg, void**)
msg->getString("FileData", "SimFilename", sim_filename);
msg->getString("FileData", "ViewerFilename", viewer_filename);
+ if (!gXferManager->validateFileForRequest(viewer_filename))
+ {
+ llwarns << "SECURITY: Unauthorized download to local file " << viewer_filename << llendl;
+ return;
+ }
gXferManager->requestFile(viewer_filename,
sim_filename,
LL_PATH_NONE,
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 02:10:43 +0000