Mercurial > hg > mlmmj
diff contrib/web/php-admin/htdocs/save.php @ 783:a50b8ab11d28
Validate input in php-admin to avoid altering arbitrary files
(Florian Streibelt, Morten Shearman Kirkegaard)
author | Ben Schmidt |
---|---|
date | Sun, 21 Nov 2010 00:25:20 +1100 |
parents | 6d354f3a8d90 |
children | d92234debf5c |
line wrap: on
line diff
--- a/contrib/web/php-admin/htdocs/save.php Fri Feb 19 03:21:55 2010 +1100 +++ b/contrib/web/php-admin/htdocs/save.php Sun Nov 21 00:25:20 2010 +1100 @@ -79,6 +79,15 @@ if(!isset($list)) die("no list specified"); +if (strchr($list, "/") !== false) +die("slash in list name"); + +if ($list == ".") +die("list name is dot"); + +if ($list == "..") +die("list name is dot-dot"); + if(!is_dir($topdir."/".$list)) die("non-existent list");