diff options
| -rw-r--r-- | ext/zip/php_zip.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ext/zip/php_zip.c b/ext/zip/php_zip.c index adf1e5d56c..5fb0a253e3 100644 --- a/ext/zip/php_zip.c +++ b/ext/zip/php_zip.c @@ -1383,6 +1383,10 @@ static ZIPARCHIVE_METHOD(open) RETURN_FALSE; } + if (OPENBASEDIR_CHECKPATH(filename)) { + RETURN_FALSE; + } + if (!expand_filepath(filename, resolved_path TSRMLS_CC)) { RETURN_FALSE; } |