Changeset 783

Timestamp:

2011-04-22T16:56:40+02:00 (2 years ago)

Author:

moo

Message:

avoid possible filename injection in admin page

Location:

trunk

Files:

• ChangeLog (modified) (1 diff)
• NEWS (modified) (1 diff)
• admin/common.php (modified) (2 diffs)

trunk/ChangeLog

@@ -13 +13 @@
 1.3.2 2011-??-??
 ========
+ * avoid possible filename injection in admin page
  * adds 30 seconds timeout to "compiling" flag
  * decompiler: improves decompiling

trunk/NEWS

@@ -4 +4 @@
 1.3.2 2011-??-??
 ========
+ * admin page security fix
  * adds 30 seconds timeout to "compiling" flag
  * improves decompiling

trunk/admin/common.php

@@ -1 +1 @@
 <?php
+
+function xcache_validateFileName($name)
+{
+    return preg_match('!^[a-zA-Z0-9._-]+$!', $name);
+}
 
 function get_language_file_ex($name, $l, $s)
@@ -16 +21 @@
         $l = $lmap[$l];
     }
-    if (file_exists($file = "$name-$l-$s.lang.php")) {
+    $file = "$name-$l-$s.lang.php";
+    if (xcache_validateFileName($file) && file_exists($file)) {
         return $file;
     }
     if (isset($smap[$s])) {
         $s = $smap[$s];
-        if (file_exists($file = "$name-$l-$s.lang.php")) {
+        $file = "$name-$l-$s.lang.php";
+        if (xcache_validateFileName($file) && file_exists($file)) {
             return $file;
         }
     }
-    if (file_exists($file = "$name-$l.lang.php")) {
+    $file = "$name-$l.lang.php";
+    if (xcache_validateFileName($file) && file_exists($file)) {
         return $file;
     }