EPUB Input: Ensure font obfuscation processing happens only on files from the EPUB

src/calibre/ebooks/conversion/plugins/epub_input.py

@@ -44,6 +44,8 @@ class EPUBInput(InputFormatPlugin):
         import uuid
 
         from lxml import etree
+
+        from calibre.utils.filenames import is_existing_subpath
         idpf_key = opf.raw_unique_identifier
         if idpf_key:
             idpf_key = re.sub(r'[ \t\r\n]', '', idpf_key)
@@ -74,7 +76,7 @@ class EPUBInput(InputFormatPlugin):
                 uri = cr.get('URI')
                 path = os.path.abspath(os.path.join(os.path.dirname(encfile), '..', *uri.split('/')))
                 tkey = (key if algorithm == ADOBE_OBFUSCATION else idpf_key)
-                if (tkey and os.path.exists(path)):
+                if (tkey and is_existing_subpath(path, os.getcwd())):
                     self._encrypted_font_uris.append(uri)
                     decrypt_font(tkey, path, algorithm)
             return True

src/calibre/utils/filenames.py

@@ -631,6 +631,20 @@ def copytree_using_links(path, dest, dest_is_parent=True, filecopyfunc=copyfile)
                 filecopyfunc(src, df)
 
 
+def is_existing_subpath(child: str, parent: str) -> bool:
+    ' Check if child is under parent. If either child or parent dont exist, returns False. '
+    try:
+        parent = os.path.realpath(parent, strict=True)  # resolve symlinks
+        child = os.path.realpath(child, strict=True)
+    except OSError:
+        return False
+    parent = os.path.abspath(parent)
+    child = os.path.abspath(child)
+    if not parent.endswith(os.sep):
+        parent += os.sep
+    return child.startswith(parent)
+
+
 rmtree = shutil.rmtree