Merge cherrypicks of [17585758] into security-aosp-qt-release.
Change-Id: I60ffa81746e98da9b906686adf6c6761d214a774
diff --git a/adb/client/file_sync_client.cpp b/adb/client/file_sync_client.cpp
index 5d10238..9b59096 100644
--- a/adb/client/file_sync_client.cpp
+++ b/adb/client/file_sync_client.cpp
@@ -629,6 +629,18 @@
if (!ReadFdExactly(sc.fd, buf, len)) return false;
buf[len] = 0;
+ // Address the unlikely scenario wherein a
+ // compromised device/service might be able to
+ // traverse across directories on the host. Let's
+ // shut that door!
+ if (strchr(buf, '/')
+#if defined(_WIN32)
+ || strchr(buf, '\\')
+#endif
+ ) {
+ return false;
+ }
+
func(msg.dent.mode, msg.dent.size, msg.dent.time, buf);
}
}