mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-05 00:07:44 +02:00
Code Issues Releases Wiki Activity

[ticket/11362] Correctly sanitise the directory path

Browse Source 
We need to correctly remove ../ form the path if possible by removing the
previous folder aswell. Otherwise the finder is unable to locate /adm/style
directories in extensions as he is looking for /adm/../adm/style instead.

PHPBB3-11362
This commit is contained in:
Joas Schilling
2013-03-12 22:35:31 +01:00
parent d6930df7a2
commit 567eefb2bd
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
phpBB/includes/extension/finder.php
View File

@@ -227,7 +227,7 @@ class phpbb_extension_finder
*/ */
protected function sanitise_directory($directory) protected function sanitise_directory($directory)
{ {
$directory = preg_replace('#(?:^|/)\./#', '/', $directory); $directory = phpbb_clean_path($directory);
$dir_len = strlen($directory); $dir_len = strlen($directory);
if ($dir_len > 1 && $directory[$dir_len - 1] === '/') if ($dir_len > 1 && $directory[$dir_len - 1] === '/')