This PR introduces a simple string sanitizer into the codebase. It's used to sanitize some strings which are intended to be embedded in filenames the library calculates. Before, there was a chance for malicious files to generate files with arbitrary filenames. This is no longer possible, as all "dangerous" characters are now just replaced by a safe one.
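A sketch of the kind of sanitizer described above, as an added example that is not the PR's own code. The names `sanitize_component` and `build_output_path`, the allowlist, and `_` as the replacement character are all assumptions. It goes slightly beyond the description by also checking that the final path stays inside the output directory.

```python
import re
from pathlib import Path

# Assumption: allowlist of characters kept as-is; everything else becomes "_".
_UNSAFE = re.compile(r"[^A-Za-z0-9._-]")
# Windows device names that must not be used as a file stem.
_RESERVED = {"CON", "PRN", "AUX", "NUL"} | {
    f"{p}{i}" for p in ("COM", "LPT") for i in range(1, 10)
}


def sanitize_component(value: str, replacement: str = "_", max_len: int = 100) -> str:
    """Reduce an untrusted string to a single safe filename component."""
    # Separators, NUL, control characters and spaces all fall outside the allowlist.
    cleaned = _UNSAFE.sub(replacement, value)
    # Leading dots would yield ".", ".." or hidden files; Windows drops trailing dots.
    cleaned = cleaned.lstrip(".")[:max_len].rstrip(".")
    if not cleaned or cleaned.split(".")[0].upper() in _RESERVED:
        cleaned = replacement + cleaned
    return cleaned


def build_output_path(out_dir: Path, embedded_name: str, suffix: str) -> Path:
    """Compose out_dir/<sanitized name><suffix> and verify it stays in out_dir."""
    base = out_dir.resolve()
    candidate = (base / (sanitize_component(embedded_name) + suffix)).resolve()
    # Defence in depth: also catches a pre-existing symlink with the same name.
    if candidate.parent != base:
        raise ValueError(f"refusing path outside {base}: {candidate}")
    return candidate


if __name__ == "__main__":
    # Constructed sample inputs, as they might be read from an untrusted file.
    for raw in ["../../etc/passwd", "..\\..\\evil.dll", "a\x00b.png", "CON.txt", ""]:
        print(repr(raw), "->", sanitize_component(raw))
```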