diff --git a/core/src/main/java/com/nnbc123/core/room/face/DynamicFaceModel.java b/core/src/main/java/com/nnbc123/core/room/face/DynamicFaceModel.java
index d870c734c..0f57cd765 100644
--- a/core/src/main/java/com/nnbc123/core/room/face/DynamicFaceModel.java
+++ b/core/src/main/java/com/nnbc123/core/room/face/DynamicFaceModel.java
@@ -753,6 +753,7 @@ public class DynamicFaceModel extends BaseModel implements IDynamicFaceModel {
 BufferedInputStream bis = new BufferedInputStream(zis);
 //输出路径(文件夹目录)
 String parent = facesRootDir.getAbsolutePath() + "/" + faceListInfo.getVersion();
+ String parentPre = new File(parent).getCanonicalPath();
 File file;
 ZipEntry entry;
 while ((entry = zis.getNextEntry()) != null) {
@@ -768,6 +769,9 @@ public class DynamicFaceModel extends BaseModel implements IDynamicFaceModel {
 continue;
 }
 file = new File(parent, entry.getName());
+ if (!file.getCanonicalPath().startsWith(parentPre)) {
+ throw new SecurityException();
+ }
 if (!file.exists()) {
 (new File(file.getParent())).mkdirs();
 } else if (file.exists() && file.isFile() && file.length() > 0) {
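Review bot: The containment check added in the second hunk, `file.getCanonicalPath().startsWith(parentPre)`, is a string-prefix test rather than a path-prefix test, so an entry that canonicalises into a sibling directory whose name merely begins with the version directory's name (constructed example: `<root>/12` versus `<root>/123`) still passes. Anchor the comparison on a directory boundary, either in the first hunk with `String parentPre = new File(parent).getCanonicalPath() + File.separator;` or in the check itself with `startsWith(parentPre + File.separator)`. The bare `throw new SecurityException();` would also be easier to triage with a message naming the rejected entry, e.g. `throw new SecurityException("zip entry escapes target dir: " + entry.getName());`. The enclosing method starts and ends outside both hunks, so whether `zis` and `bis` are closed when this exception propagates cannot be confirmed from here and is worth checking.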