summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/src/deliver.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/src/deliver.c b/src/src/deliver.c
index 59fbeeaf9..72751c2dc 100644
--- a/src/src/deliver.c
+++ b/src/src/deliver.c
@@ -328,6 +328,10 @@ Returns: a file descriptor, or -1 (with errno set)
static int
open_msglog_file(uschar *filename, int mode, uschar **error)
{
+if (Ustrstr(filename, US"/../"))
+ log_write(0, LOG_MAIN|LOG_PANIC,
+ "Attempt to open msglog file path with upward-traversal: '%s'\n", filename);
+
for (int i = 2; i > 0; i--)
{
int fd = Uopen(filename,
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-28 19:40:26 +0000