
avoid possible filename injection in admin page

git-svn-id: svn://svn.lighttpd.net/xcache/trunk@783 c26eb9a1-5813-0410-bd6c-c2e55f420ca7
3.0
Xuefer 11 years ago
parent
commit
d4a2f773a0
  1. 1
      ChangeLog
  2. 1
      NEWS
  3. 14
      admin/common.php

1
ChangeLog

@ -12,6 +12,7 @@ ChangeLog
1.3.2 2011-??-??
========
* avoid possible filename injection in admin page
* adds 30 seconds timeout to "compiling" flag
* decompiler: improves decompiling
* disassembler: DECLARE_INHERITED_CLASS/DELAYED class not found

1
NEWS

@ -3,6 +3,7 @@
1.3.2 2011-??-??
========
* admin page security fix
* adds 30 seconds timeout to "compiling" flag
* improves decompiling
* memory leak on recompile

14
admin/common.php

@ -1,5 +1,10 @@
<?php
function xcache_validateFileName($name)
{
return preg_match('!^[a-zA-Z0-9._-]+$!', $name);
}
function get_language_file_ex($name, $l, $s)
{
static $lmap = array(
@ -15,16 +20,19 @@ function get_language_file_ex($name, $l, $s)
if (isset($lmap[$l])) {
$l = $lmap[$l];
}
if (file_exists($file = "$name-$l-$s.lang.php")) {
$file = "$name-$l-$s.lang.php";
if (xcache_validateFileName($file) && file_exists($file)) {
return $file;
}
if (isset($smap[$s])) {
$s = $smap[$s];
if (file_exists($file = "$name-$l-$s.lang.php")) {
$file = "$name-$l-$s.lang.php";
if (xcache_validateFileName($file) && file_exists($file)) {
return $file;
}
}
if (file_exists($file = "$name-$l.lang.php")) {
$file = "$name-$l.lang.php";
if (xcache_validateFileName($file) && file_exists($file)) {
return $file;
}
return null;
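Review bot: The pattern in the new `xcache_validateFileName()` ends in `$`, which in PCRE also matches just before a final newline, so a name ending in `\n` would be accepted. The three call sites in this section always append `.lang.php`, so that case does not look reachable here, but the helper reads as a general-purpose check and may be reused elsewhere in the admin pages. Anchoring on the true end of the string makes it exact: `return preg_match('!^[a-zA-Z0-9._-]+\z!', $name);` (the `D` modifier would do the same). A one-line comment such as `// accepts a bare file name only: no directory separators, no NUL, no whitespace` above the function would record why the whitelist is this narrow. The body of `get_language_file_ex()` starts and ends outside the visible hunks, so where `$name`, `$l` and `$s` come from cannot be confirmed from this page.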
