Validate all zip entry names during restore to reject entries containing directory traversal sequences (e.g. ../../../pwned.txt). This prevents a Zip Slip attack where a malicious archive could write files outside the intended extraction directory. |
||
|---|---|---|
| .. | ||
| dump.go | ||
| restore.go | ||
| restore_test.go | ||