diff --git a/src/java/org/jitsi/videobridge/openfire/PluginImpl.java b/src/java/org/jitsi/videobridge/openfire/PluginImpl.java
index 7df4d93..b301bf4 100644
--- a/src/java/org/jitsi/videobridge/openfire/PluginImpl.java
+++ b/src/java/org/jitsi/videobridge/openfire/PluginImpl.java
@@ -507,6 +507,9 @@ else if ( nativeLibFolder.mkdirs() )
  }
  final File extractedFile = new File( nativeLibFolder, jarEntry.getName() );
+ if (!extractedFile.toPath().normalize().startsWith(nativeLibFolder.toPath().normalize())) {
+ throw new RuntimeException("Bad zip entry");
+ }
  Log.debug( "Copying file '{}' from native library " + "into '{}'.", jarEntry, extractedFile );
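Review bot: The rejection in the added `throw new RuntimeException("Bad zip entry");` leaves no trace of which entry was refused, so an operator cannot tell a tampered native-library jar from any other extraction failure. I would name the entry and log it before throwing, e.g. `Log.warn( "Refusing native library entry '{}': resolves outside '{}'.", jarEntry.getName(), nativeLibFolder );` followed by `throw new RuntimeException( "Zip entry escapes target folder: " + jarEntry.getName() );`. The containment test itself is lexical: `normalize()` removes `..` segments but does not resolve symbolic links, so if `nativeLibFolder` can contain links the comparison should presumably use real paths instead. The enclosing method begins and ends outside this hunk, so whether a surrounding handler swallows the exception or leaves the jar open on this path cannot be judged from here and is worth checking.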