From 267bfd34020a4f297c2de9cc0cde50ebe5d024d4 Mon Sep 17 00:00:00 2001
From: Kovid Goyal
Date: Mon, 2 Feb 2026 09:51:18 +0530
Subject: [PATCH] EPUB Input: Ensure font obfuscation processing happens only on files from the EPUB
---
 .../ebooks/conversion/plugins/epub_input.py | 4 +++-
 src/calibre/utils/filenames.py | 14 ++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/src/calibre/ebooks/conversion/plugins/epub_input.py b/src/calibre/ebooks/conversion/plugins/epub_input.py
index 0b4b71b214..a85ec01a74 100644
--- a/src/calibre/ebooks/conversion/plugins/epub_input.py
+++ b/src/calibre/ebooks/conversion/plugins/epub_input.py
@@ -44,6 +44,8 @@ class EPUBInput(InputFormatPlugin):
 import uuid
 from lxml import etree
+
+ from calibre.utils.filenames import is_existing_subpath
 idpf_key = opf.raw_unique_identifier
 if idpf_key:
 idpf_key = re.sub(r'[ \t\r\n]', '', idpf_key)
@@ -74,7 +76,7 @@ class EPUBInput(InputFormatPlugin):
 uri = cr.get('URI')
 path = os.path.abspath(os.path.join(os.path.dirname(encfile), '..', *uri.split('/')))
 tkey = (key if algorithm == ADOBE_OBFUSCATION else idpf_key)
- if (tkey and os.path.exists(path)):
+ if (tkey and is_existing_subpath(path, os.getcwd())):
 self._encrypted_font_uris.append(uri)
 decrypt_font(tkey, path, algorithm)
 return True
diff --git a/src/calibre/utils/filenames.py b/src/calibre/utils/filenames.py
index c33796e285..99e829a2ac 100644
--- a/src/calibre/utils/filenames.py
+++ b/src/calibre/utils/filenames.py
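Review bot: In the `@@ -74,7 +76,7 @@` hunk of epub_input.py the containment root passed to `is_existing_subpath(path, os.getcwd())` is the process working directory, and nothing visible in the hunk establishes that this is the directory the EPUB was extracted into. If this code ever runs with a different working directory, the check either rejects every font or admits files outside the book, so I would state the assumption next to the call, e.g. `# cwd is the extracted EPUB root here; font URIs resolving outside it are ignored`, or compute the root from `encfile`. A URI that fails the check is skipped without any message; a warning naming the rejected URI would help when triaging a malformed or hostile EPUB (presumably a logger is available in the enclosing method, which starts and ends outside the hunk).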
@@ -631,6 +631,20 @@ def copytree_using_links(path, dest, dest_is_parent=True, filecopyfunc=copyfile)
 filecopyfunc(src, df)
+def is_existing_subpath(child: str, parent: str) -> bool:
+ ' Check if child is under parent. If either child or parent dont exist, returns False. '
+ try:
+ parent = os.path.realpath(parent, strict=True) # resolve symlinks
+ child = os.path.realpath(child, strict=True)
+ except OSError:
+ return False
+ parent = os.path.abspath(parent)
+ child = os.path.abspath(child)
+ if not parent.endswith(os.sep):
+ parent += os.sep
+ return child.startswith(parent)
+
+
 rmtree = shutil.rmtree
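Review bot: The docstring of `is_existing_subpath` leaves out the parts of its contract that matter for a path-containment check: both arguments are resolved through symlinks, any `OSError` during resolution yields False, and a `child` equal to `parent` is reported as not under it because of the appended separator. I would spell that out, e.g. `'''Return True only if child exists and, after resolving symlinks, lies strictly below the existing directory parent; any resolution error returns False.'''`. The two `os.path.abspath` calls after `os.path.realpath(..., strict=True)` look redundant, since realpath already returns an absolute, normalised path, and `strict=True` needs Python 3.10 or later, so confirm that matches the project's minimum. The `startswith` comparison is case-sensitive; that should be fine when both sides come from realpath, but a test covering a sibling directory that shares the prefix, a `..` escape and a symlink pointing outside the parent would pin the behaviour.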