From 48b48e7c13be1b949074f42660a33c7ef57135e1 Mon Sep 17 00:00:00 2001
From: liyansong2018 <1321993383@qq.com>
Date: Sat, 6 Apr 2024 10:40:29 +0800
Subject: [PATCH] Fix Path Traversal in Netplay server

---
 src/drivers/Qt/NetPlay.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/drivers/Qt/NetPlay.cpp b/src/drivers/Qt/NetPlay.cpp
index 970c8b4e..0f7e3a02 100644
--- a/src/drivers/Qt/NetPlay.cpp
+++ b/src/drivers/Qt/NetPlay.cpp
@@ -811,11 +811,12 @@ void NetPlayServer::processClientRomLoadRequests(void)
 			{
 				FILE *fp;
 				QString filepath = QDir::tempPath();
+				QFileInfo rompath = QFileInfo(client->romLoadData.fileName);
 				const char *romData = client->romLoadData.buf;
 				const size_t romSize = client->romLoadData.size;
 
 				filepath.append( "/" );
-				filepath.append( client->romLoadData.fileName );
+				filepath.append( rompath.fileName() );
 
 				//printf("Load ROM Request Received: %s\n", filepath.c_str());
 				//printf("Dumping Temp Rom to: %s\n", filepath.c_str());