
fix: validate the list of allowed file names when extracting files from zip folder #2221

Merged


MohamadJaara
Member


PR Submission Checklist for internal contributors

  • The PR Title

    • conforms to the style of semantic commit messages¹ supported in Wire's Github Workflow²
    • contains a reference JIRA issue number like SQPIT-764
    • answers the question: If merged, this PR will: ... ³
  • The PR Description

    • is free of optional paragraphs and you have filled the relevant parts to the best of your ability

What's new in this PR?

Issues

Files can be extracted outside the destination folder.

Solutions

Limit the set of file names that are allowed to be extracted.

Dependencies (Optional)

If there are some other pull requests related to this one (e.g. new releases of frameworks), specify them here.

Needs releases with:

  • GitHub link to other pull request

Testing

Test Coverage (Optional)

  • I have added automated tests to this contribution

How to Test

Briefly describe how this change was tested and if applicable the exact steps taken to verify that it works as expected.

Notes (Optional)

Specify here any other facts that you think are important for this issue.

Attachments (Optional)

Attachments like images, videos, etc. (drag and drop in the text box)


PR Post Submission Checklist for internal contributors (Optional)

  • Wire's Github Workflow has automatically linked the PR to a JIRA issue

PR Post Merge Checklist for internal contributors

  • If any sort of configuration variable was introduced by this PR, it has been added to the relevant documents and the CI jobs have been updated.

References
  1. https://sparkbox.com/foundry/semantic_commit_messages
  2. https://github.com/wireapp/.github#usage
  3. E.g. feat(conversation-list): Sort conversations by most emojis in the title #SQPIT-764.
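The Issues/Solutions notes above describe the classic zip-extraction pitfall (an entry name such as `../x` lands outside the destination) and the fix chosen here (an allowlist of permitted entry names). The following is an added illustration of that approach, written for this page and not the project's own code (kalium is Kotlin; Python is used here so the example runs stand-alone). The allowlist contents, the sample archive and the function names are all constructed assumptions.

```python
import io
import os
import tempfile
import zipfile

# Allowlist of backup entry names; constructed for this example, not the
# project's real BackupConstants.kt value.
ALLOWED_BACKUP_FILES = frozenset({"export.json", "metadata.json"})


def extract_backup(zip_bytes, dest_dir, allowed=ALLOWED_BACKUP_FILES):
    """Extract only allowlisted entries; return (extracted, [(name, reason)])."""
    dest_real = os.path.realpath(dest_dir)
    extracted, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            # Check 1 (the fix this PR describes): exact match against the
            # allowlist. "../export.json" != "export.json", so traversal
            # names never pass regardless of what the archive claims.
            if name not in allowed:
                rejected.append((name, "not in allowlist"))
                continue
            # Check 2 (defence in depth): the resolved target must stay inside
            # dest_dir even if the allowlist is later edited to hold a path.
            target = os.path.realpath(os.path.join(dest_real, name))
            if os.path.commonpath([dest_real, target]) != dest_real:
                rejected.append((name, "escapes destination"))
                continue
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            extracted.append(name)
    return extracted, rejected


def build_sample_archive():
    """Constructed archive: one legitimate entry plus two that must be dropped."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("export.json", '{"messages": []}')
        zf.writestr("../export.json", "would land one level above dest_dir")
        zf.writestr("notes.txt", "not a backup file")
    return buf.getvalue()


def run_demo():
    """Extract the sample archive into a scratch dir; return what happened."""
    with tempfile.TemporaryDirectory() as dest:
        extracted, rejected = extract_backup(build_sample_archive(), dest)
        on_disk = sorted(os.listdir(dest))
    return extracted, rejected, on_disk
```

With exact-name matching the allowlist alone already rejects every traversal entry; the second check only matters if the allowlist ever gains a name containing path separators.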


github-actions bot commented Nov 13, 2023

Unit Test Results

472 files ±0, 472 suites ±0, 2m 31s ⏱️ (-1s)
2 631 tests ±0: 2 527 ✔️ passed ±0, 104 💤 skipped ±0, 0 failed ±0

Results for commit ae73ae9. ± Comparison against base commit b0c7e37.

♻️ This comment has been updated with latest results.

@datadog-wireapp

datadog-wireapp bot commented Nov 13, 2023

Datadog Report

All test runs 7b0eb3f 🔗

2 Total Test Services: 0 Failed, 0 with New Flaky, 2 Passed

Test Services

Service Name   Failed   Known Flaky   New Flaky   Passed   Skipped   Wall Time
kalium-ios     0        0             0           1822     30        9.09s
kalium-jvm     0        0             0           2527     104       11m 0s

@MohamadJaara MohamadJaara added this pull request to the merge queue Nov 15, 2023
@codecov-commenter

Codecov Report

Merging #2221 (ae73ae9) into develop (b0c7e37) will increase coverage by 0.02%.
The diff coverage is 80.00%.

Additional details and impacted files
@@              Coverage Diff              @@
##             develop    #2221      +/-   ##
=============================================
+ Coverage      57.98%   58.00%   +0.02%     
  Complexity        21       21              
=============================================
  Files           1075     1075              
  Lines          40805    40811       +6     
  Branches        3780     3779       -1     
=============================================
+ Hits           23660    23672      +12     
+ Misses         15525    15520       -5     
+ Partials        1620     1619       -1     
Files                                                   Coverage             Δ
...ire/kalium/logic/feature/backup/BackupConstants.kt   100.00% <100.00%>    (ø)
...um/logic/feature/backup/RestoreWebBackupUseCase.kt   82.81%  <100.00%>    (ø)
...alium/logic/feature/backup/RestoreBackupUseCase.kt   70.90%  <66.66%>     (+1.18%) ⬆️

... and 2 files with indirect coverage changes


Δ = absolute <relative> (impact), ø = not affected, ? = missing data

@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Nov 15, 2023
@MohamadJaara MohamadJaara added this pull request to the merge queue Nov 15, 2023
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Nov 15, 2023

@yamilmedina yamilmedina left a comment


Great addition to have this extra layer of security 🚀

@MohamadJaara MohamadJaara added this pull request to the merge queue Nov 15, 2023
Merged via the queue into develop with commit d6c8d60 Nov 15, 2023
15 checks passed
@MohamadJaara MohamadJaara deleted the fix/slectivlly-extract-backup-files-from-zip-file branch November 15, 2023 16:34
MohamadJaara added a commit that referenced this pull request Nov 16, 2023
…rm zip folder (#2221)

* fix: validate the list of allowed file names when extracting files from zip folder

* detekt

* fix tests

* detekt

(cherry picked from commit d6c8d60)
MohamadJaara added a commit that referenced this pull request Nov 16, 2023
…rm zip folder (#2221) (#2230)

* fix: validate the list of allowed file names when extracting files from zip folder

* detekt

* fix tests

* detekt

(cherry picked from commit d6c8d60)
5 participants