
Sanity check the names of directories and files 7-Zip wants to create. Also enable the preexisting CreateFileA check for BCC32.

Martijn Laan 10 сар өмнө
parent
commit
70de42e2e7

+ 21 - 4
Projects/Src/Compression.SevenZipDecoder.pas

@@ -18,7 +18,10 @@ function SevenZipDecode(const FileName, DestDir: String;
 implementation
 
 uses
-  Windows, SysUtils, Setup.LoggingFunc;
+  Windows, SysUtils, PathFunc, Setup.LoggingFunc;
+
+var
+  ExpandedDestDir: String;
 
 { Compiled by Visual Studio 2022 using compile.bat
   To enable source debugging recompile using compile-bcc32c.bat and turn off the VISUALSTUDIO define below
@@ -28,11 +31,16 @@ uses
 
 function IS_7zDec(const fileName: PChar; const fullPaths: Bool): Integer; cdecl; external name '_IS_7zDec';
 
-{$IFDEF VISUALSTUDIO}
 function __CreateDirectoryW(lpPathName: LPCWSTR;
   lpSecurityAttributes: PSecurityAttributes): BOOL; cdecl;
 begin
-  Result := CreateDirectoryW(lpPathName, lpSecurityAttributes);
+  var ExpandedDir := PathExpand(lpPathName);
+  if PathStartsWith(ExpandedDir, ExpandedDestDir) then
+    Result := CreateDirectoryW(PChar(ExpandedDir), lpSecurityAttributes)
+  else begin
+    Result := False;
+    SetLastError(ERROR_ACCESS_DENIED);
+  end;
 end;
 
 { Never actually called but still required by the linker }
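Review bot: The containment test `PathStartsWith(ExpandedDir, ExpandedDestDir)` in `__CreateDirectoryW` reads like a plain prefix match, and nothing visible guarantees that ExpandedDestDir ends in a path separator. If so, a sibling directory such as `C:\Out-other` (constructed example) would pass for a destination of `C:\Out`. PathStartsWith is defined outside this page, so this needs confirming; if it is not component-aware, assign the prefix as `ExpandedDestDir := AddBackslash(PathExpand(DestDir));` in SevenZipDecode and check that creating the destination directory itself still passes. The same test guards `__CreateFileW` in the next hunk. The comparison is also purely lexical, so a junction or symlink already present under the destination is not caught, which deserves a comment above the function.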
@@ -50,9 +58,17 @@ function __CreateFileW(lpFileName: LPCWSTR; dwDesiredAccess, dwShareMode: DWORD;
   lpSecurityAttributes: PSecurityAttributes; dwCreationDisposition, dwFlagsAndAttributes: DWORD;
   hTemplateFile: THandle): THandle; cdecl;
 begin
-  Result := CreateFileW(lpFileName, dwDesiredAccess, dwShareMode, lpSecurityAttributes, dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile);
+  var ExpandedFileName := PathExpand(lpFileName);
+  if PathStartsWith(ExpandedFileName, ExpandedDestDir) then
+    Result := CreateFileW(PChar(ExpandedFileName), dwDesiredAccess, dwShareMode, lpSecurityAttributes, dwCreationDisposition, dwFlagsAndAttributes, hTemplateFile)
+  else begin
+    Result := INVALID_HANDLE_VALUE;
+    SetLastError(ERROR_ACCESS_DENIED);
+  end;
 end;
 
+{$IFDEF VISUALSTUDIO}
+
 function __FileTimeToLocalFileTime(lpFileTime: PFileTime; var lpLocalFileTime: TFileTime): BOOL; cdecl;
 begin
   Result := FileTimeToLocalFileTime(lpFileTime, lpLocalFileTime);
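Review bot: `__CreateFileW` now rejects every path outside ExpandedDestDir regardless of `dwDesiredAccess`, so read-only opens pass through the same gate as writes. If IS_7zDec opens the archive itself through the redirected CreateFileW (the C side is not fully visible here), an archive stored outside DestDir would fail with ERROR_ACCESS_DENIED. Consider also allowing an exact match against the expanded archive file name for read access, and add a comment above the function stating which opens are expected to pass. The function's signature starts above this hunk.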
@@ -211,6 +227,7 @@ begin
     Exit(-1);
   try
     LogBuffer := '';
+    ExpandedDestDir := PathExpand(DestDir);
     Result := IS_7zDec(PChar(FileName), FullPaths);
     if LogBuffer <> '' then
       Log(LogBuffer);
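Review bot: ExpandedDestDir is unit-level state that `ExpandedDestDir := PathExpand(DestDir);` assigns, and it is neither validated nor cleared afterwards. If PathExpand can yield an empty string (its failure behaviour is not visible here), a prefix test against '' would presumably accept every path. The check should fail closed, e.g. `if ExpandedDestDir = '' then Exit(-1);` right after the assignment. Resetting the variable once IS_7zDec returns would also keep a later call from honouring a stale destination. SevenZipDecode's body starts and ends outside this hunk.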

+ 11 - 7
Projects/Src/Compression.SevenZipDecoder/7zDecode/IS7zDec.c

@@ -7,13 +7,8 @@
 
 #include "../../../../Components/Lzma2/Util/7z/Precomp.h" /* Says it must be included first */
 
-#ifdef _MSC_VER
-
-/* Stop 7-Zip from using stdcall functions which will get unavoidable decorated names from
-   MSVC's cl.exe which Delphi can't handle: first include windows.h and then hide the
-   functions 7-Zip wants to use with macros pointing to cdecl prototypes. This will enable
-   us to call the stdcall function from a cdecl implementation in Delphi and keeps the
-   rest of windows.h available to 7-Zip. */
+/* Stop 7-Zip from directly creating files and directories. This will enable us to perform
+   extra checks from a cdecl implementation in Delphi. */
 
 #include "../../../../Components/Lzma2/7zWindows.h"
 
@@ -26,6 +21,15 @@ HANDLE _CreateFileA(LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode,
 HANDLE _CreateFileW(LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
 #define CreateFileW _CreateFileW
 
+#ifdef _MSC_VER
+
+/* MSVC only:
+   Stop 7-Zip from using stdcall functions which will get unavoidable decorated names from
+   MSVC's cl.exe which Delphi can't handle: first include windows.h and then hide the
+   functions 7-Zip wants to use with macros pointing to cdecl prototypes. This will enable
+   us to call the stdcall function from a cdecl implementation in Delphi and keeps the
+   rest of windows.h available to 7-Zip. */
+
 BOOL _FileTimeToLocalFileTime(FILETIME* lpFileTime, LPFILETIME lpLocalFileTime);
 #define FileTimeToLocalFileTime _FileTimeToLocalFileTime