
Map transfer system lacks file extension validation #1816

@bobtista


Prerequisites

  • I have searched for similar issues and confirmed this is not a duplicate

Game Version

  • Command & Conquer Generals
  • Command & Conquer Generals: Zero Hour
  • Other (please specify below)

Bug Description

The current game lacks file extension validation during map transfers. An attacker could potentially transfer files with arbitrary extensions, bypassing OS-level security controls or enabling further exploitation.

Issue #272 identified security vulnerabilities in map file transfers. PR #1058 addressed path traversal, but additional security improvements can be made by validating file extensions (.map, .ini, .str, .wak) during the transfer process.

Reproduction Steps

  1. Initiate a map transfer in multiplayer
  2. Observe that files with arbitrary extensions could potentially be transferred
  3. No validation is performed on the file extension before transfer

Additional Context

This is a security enhancement related to the map transfer system. While path traversal was addressed in PR #1058, adding file extension validation would provide an additional layer of security by ensuring only legitimate map-related files (.map, .ini, .str, .wak) can be transferred between clients.
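
One way to implement the extension allowlist this issue asks for, as an added example that is not part of the original issue or the game's code base. The function name `hasAllowedMapExtension` is hypothetical, and the sketch assumes the receiving client checks each incoming file name before writing anything to disk:

```cpp
#include <algorithm>
#include <cctype>
#include <cstddef>
#include <string>

// Extensions the issue lists as legitimate map-transfer files.
static const char* const kAllowedExtensions[] = {".map", ".ini", ".str", ".wak"};

// Hypothetical helper: true only if the received file name ends in an
// allowed extension and contains nothing that changes its effective name.
bool hasAllowedMapExtension(const std::string& fileName)
{
    // Control characters (including an embedded NUL, which truncates the name
    // in C string APIs) and ':' (NTFS alternate data stream, drive prefix)
    // make the name on disk differ from the name that was checked.
    for (unsigned char c : fileName) {
        if (c == ':' || std::iscntrl(c))
            return false;
    }
    // Windows strips trailing dots and spaces ("a.exe." becomes "a.exe"),
    // so such names are rejected rather than normalized.
    if (fileName.empty() || fileName.back() == '.' || fileName.back() == ' ')
        return false;

    // Only the final path component is examined here; path traversal is a
    // separate check (the issue says PR #1058 addressed it).
    const std::size_t sep = fileName.find_last_of("/\\");
    const std::string base =
        (sep == std::string::npos) ? fileName : fileName.substr(sep + 1);

    const std::size_t dot = base.rfind('.');
    if (dot == std::string::npos || dot == 0)
        return false; // no extension, or nothing before the dot

    // Compare the last extension case-insensitively (".MAP" equals ".map").
    std::string ext = base.substr(dot);
    std::transform(ext.begin(), ext.end(), ext.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    for (const char* allowed : kAllowedExtensions) {
        if (ext == allowed)
            return true;
    }
    return false;
}
```

Running the same check on the sending side as well keeps a modified client from being the only thing standing between a peer and an unexpected file type.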
