Throw exception on path traversal in WriteDocumentAsync

This commit is not tested on a Windows machine. I however checked the
same behavior with UNIX paths and a client name resembling path traversal
path. With this change, an exception is thrown if the full path does not
start with the log directory path.

MediaBrowser.Controller/ClientEvent/ClientEventLogger.cs

@@ -23,6 +23,11 @@ namespace MediaBrowser.Controller.ClientEvent
         {
             var fileName = $"upload_{clientName}_{clientVersion}_{DateTime.UtcNow:yyyyMMddHHmmss}_{Guid.NewGuid():N}.log";
             var logFilePath = Path.Combine(_applicationPaths.LogDirectoryPath, fileName);
+            if (!Path.GetFullPath(logFilePath).StartsWith(_applicationPaths.LogDirectoryPath, StringComparison.Ordinal))
+            {
+                throw new ArgumentException("Path resolved to filename not in log directory");
+            }
+
             await using var fileStream = new FileStream(logFilePath, FileMode.CreateNew, FileAccess.Write, FileShare.None);
             await fileContents.CopyToAsync(fileStream).ConfigureAwait(false);
             return fileName;