From 5268087d25982a044b8d765f18a9c39b7d04af50 Mon Sep 17 00:00:00 2001
From: extremecoders-re <extremecoders@hotmail.com>
Date: Fri, 9 Jun 2023 03:01:02 +0530
Subject: [PATCH] Handle CArchive entries starting with an absolute file path,
 closes #67

---
 pyinstxtractor.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pyinstxtractor.py b/pyinstxtractor.py
index 88c0097..bbce779 100644
--- a/pyinstxtractor.py
+++ b/pyinstxtractor.py
@@ -232,6 +232,11 @@ class PyInstArchive:
                 self.fPtr.read(entrySize - 4))
 
             name = name.decode('utf-8').rstrip('\0')
+            
+            # Prevent writing outside the extraction directory
+            if name.startswith("/"):
+                name = name.lstrip("/")
+
             if len(name) == 0:
                 name = str(uniquename())
                 print('[!] Warning: Found an unamed file in CArchive. Using random name {0}'.format(name))