diff --git a/src/com/xilinx/rapidwright/util/Installer.java b/src/com/xilinx/rapidwright/util/Installer.java
index 85347dc57..ed92f7462 100644
--- a/src/com/xilinx/rapidwright/util/Installer.java
+++ b/src/com/xilinx/rapidwright/util/Installer.java
@@ -200,7 +200,10 @@ public static void unzipFile(String zipFile, String destDir) {
 ZipEntry ze = zis.getNextEntry();
 while(ze != null){
 String fileName = ze.getName();
- File newFile = new File(destDir + File.separator + fileName);
+ File newFile = new File(destDir, fileName);
+ if(!newFile.toPath().normalize().startsWith(destDir)) {
+ throw new RuntimeException("Bad zip entry");
+ }
 System.out.println("Unzipping to "+newFile.getAbsolutePath());
 if(ze.isDirectory()){
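Review bot: The containment check added inside the `while` loop compares the normalized entry path against the raw `destDir` string, so it only holds when `destDir` is already absolute and normalized. For a relative `destDir`, or one containing `.` or `..` segments, `startsWith(destDir)` can reject legitimate entries and is not a dependable guarantee that the entry stays inside the target directory. Resolving both sides the same way closes that gap: compute `Path base = Paths.get(destDir).toAbsolutePath().normalize();` once before the loop and test `if(!newFile.toPath().toAbsolutePath().normalize().startsWith(base)) {`. This assumes `java.nio.file.Paths` is or can be imported; the import block and the rest of `unzipFile` lie outside the hunk. Putting the entry name in the message, e.g. `"Bad zip entry: " + fileName`, would also make a rejected archive easier to diagnose.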