From 18b97ba5b37c0134513886062946d0fd521a9b5e Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers3@gmail.com>
Date: Sun, 12 May 2013 23:51:28 -0500
Subject: [PATCH] image_name_ok_as_dir(): Don't allow names of '.' and '..'

---
 src/extract_image.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/extract_image.c b/src/extract_image.c
index 7a46fe8f..7793a8c0 100644
--- a/src/extract_image.c
+++ b/src/extract_image.c
@@ -897,7 +897,9 @@ static bool
 image_name_ok_as_dir(const tchar *image_name)
 {
 	return image_name && *image_name &&
-		!tstrpbrk(image_name, filename_forbidden_chars);
+		!tstrpbrk(image_name, filename_forbidden_chars) &&
+		tstrcmp(image_name, T(".")) &&
+		tstrcmp(image_name, T(".."));
 }
 
 /* Extracts all images from the WIM to the directory @target, with the images
-- 
2.43.0