Backport of Win-specific suppression of potentially rogue construct that can 2p: b5ad48db08
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/modules/adb/+/17606585
Bug: 209438553
Change-Id: I853ca2c73c16231efea343c6c57fd1b4c2cc8b0a
Merged-In: Ie1f82db2fb14e1bdd183bf8d3d93d5e9f974be5d
diff --git a/client/file_sync_client.cpp b/client/file_sync_client.cpp
index a7e8e01..8f8601b 100644
--- a/client/file_sync_client.cpp
+++ b/client/file_sync_client.cpp
@@ -544,15 +544,17 @@
if (!ReadFdExactly(fd, buf, len)) return false;
buf[len] = 0;
-
- // Address the highly unlikely scenario wherein a
+ // Address the unlikely scenario wherein a
// compromised device/service might be able to
// traverse across directories on the host. Let's
// shut that door!
- if (strchr(buf, '/')) {
+ if (strchr(buf, '/')
+#if defined(_WIN32)
+ || strchr(buf, '\\')
+#endif
+ ) {
return false;
}
-
callback(dent.mode, dent.size, dent.mtime, buf);
}
}
