I solved some issues with Directory traversal

This commit is contained in:
Paula V. Quispe
2015-03-26 16:31:46 -04:00
parent c595bd10bf
commit 576c83d738
2 changed files with 9 additions and 1 deletions


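--- a/PATH-NOT-SHOWN-ON-PAGE
+++ b/PATH-NOT-SHOWN-ON-PAGE
@@ -666,9 +666,12 @@ class pmTablesProxy extends HttpProxyController
 public function importCSV ($httpData)
 {
 G::LoadClass('pmFunctions');
+G::LoadSystem('inputfilter');
+$filter = new InputFilter();
 $countRow = 250;
 if (preg_match( '/[\x00-\x08\x0b-\x0c\x0e\x1f]/', file_get_contents( $_FILES['form']['tmp_name']['CSV_FILE'] ) ) === 0) {
 $filename = $_FILES['form']['name']['CSV_FILE'];
+$filename = $filter->xssFilterHard($filename, 'path');
 if ($oFile = fopen( $_FILES['form']['tmp_name']['CSV_FILE'], 'r' )) {
 require_once 'classes/model/AdditionalTables.php';
 $oAdditionalTables = new AdditionalTables();
@@ -762,8 +765,11 @@ class pmTablesProxy extends HttpProxyController
 */
 public function importCSVDeprecated ($httpData)
 {
+G::LoadSystem('inputfilter');
+$filter = new InputFilter();
 if (preg_match( '/[\x00-\x08\x0b-\x0c\x0e\x1f]/', file_get_contents( $_FILES['form']['tmp_name']['CSV_FILE'] ) ) === 0) {
 $filename = $_FILES['form']['name']['CSV_FILE'];
+$filename = $filter->xssFilterHard($filename, 'path');
 if ($oFile = fopen( $_FILES['form']['tmp_name']['CSV_FILE'], 'r' )) {
 require_once 'classes/model/AdditionalTables.php';
 $oAdditionalTables = new AdditionalTables();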
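Review bot: The added `$filename = $filter->xssFilterHard($filename, 'path');` in importCSV rewrites the client-supplied upload name in place, but what InputFilter removes in 'path' mode is not visible here and every later use of `$filename` lies outside the hunk, so this change alone does not let a reader confirm that a traversal sequence can no longer reach a filesystem call. A check that does not depend on the filter's internals is to keep only the last path component and reject, rather than silently rewrite, anything that is still not a plain file name, e.g. `$filename = basename($filename);` followed by a guard that stops the import when the result is empty, `.` or `..`; better still, derive the name used on disk server-side and treat the upload name as display data only. The identical three lines are added to importCSVDeprecated in the second hunk (and the same pattern appears in the language-import file), so any revision should be applied to both, ideally through one shared helper instead of duplicating the load-filter-sanitize sequence. Both methods continue beyond the hunk.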


@@ -56,10 +56,12 @@ try {
$sMaxExecutionTime = ini_get( 'max_execution_time' ); $sMaxExecutionTime = ini_get( 'max_execution_time' );
ini_set( 'max_execution_time', '0' ); ini_set( 'max_execution_time', '0' );
G::LoadClass( 'configuration' ); G::LoadClass( 'configuration' );
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$languageFile = $_FILES['form']['tmp_name']['LANGUAGE_FILENAME']; $languageFile = $_FILES['form']['tmp_name']['LANGUAGE_FILENAME'];
$languageFilename = $_FILES['form']['name']['LANGUAGE_FILENAME']; $languageFilename = $_FILES['form']['name']['LANGUAGE_FILENAME'];
$languageFilename = $filter->xssFilterHard($languageFilename, 'path');
if (substr_compare( $languageFilename, ".gz", - 3, 3, true ) == 0) { if (substr_compare( $languageFilename, ".gz", - 3, 3, true ) == 0) {
$zp = gzopen( $languageFile, "r" ); $zp = gzopen( $languageFile, "r" );
$languageFile = tempnam( __FILE__, '' ); $languageFile = tempnam( __FILE__, '' );