fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

I solved some issues with Directory traversal

Browse Source
This commit is contained in:
Paula V. Quispe
2015-03-26 16:14:32 -04:00
parent 1bb9f57152
commit c595bd10bf
4 changed files with 14 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
workflow/engine/classes/class.wsTools.php
View File

@@ -1387,6 +1387,9 @@ class workspaceTools
static public function dirPerms($filename, $owner, $group, $perms) static public function dirPerms($filename, $owner, $group, $perms)
{ {
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$filename = $filter->xssFilterHard($filename, 'path');
$chown = @chown($filename, $owner); $chown = @chown($filename, $owner);
$chgrp = @chgrp($filename, $group); $chgrp = @chgrp($filename, $group);
$chmod = @chmod($filename, $perms); $chmod = @chmod($filename, $perms);

7
workflow/engine/methods/dynaforms/dynaforms_FlatEditor.php
View File

@@ -33,6 +33,8 @@ G::LoadClass( 'dynaFormField' );
G::LoadClass( 'process' ); G::LoadClass( 'process' );
G::LoadClass( 'dynaform' ); G::LoadClass( 'dynaform' );
//G::LoadClass('configuration'); //G::LoadClass('configuration');
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$G_MAIN_MENU = 'processmaker'; $G_MAIN_MENU = 'processmaker';
@@ -73,9 +75,10 @@ if (! file_exists( PATH_DYNAFORM . $file . '.xml' )) {
/* End Comment */ /* End Comment */
/* Start Comment: Create and temporal copy. */ /* Start Comment: Create and temporal copy. */
$copy = implode( '', file( PATH_DYNAFORM . $file . '.xml' ) ); $pathFile = $filter->xssFilterHard(PATH_DYNAFORM . $file . '.xml', 'path');
$copy = implode( '', file( $pathFile ) );
$file .= '_tmp0'; $file .= '_tmp0';
$fcopy = fopen( PATH_DYNAFORM . $file . '.xml', "w" ); $fcopy = fopen( $pathFile , "w" );
fwrite( $fcopy, $copy ); fwrite( $fcopy, $copy );
fclose( $fcopy ); fclose( $fcopy );
/* End Comment */ /* End Comment */

3
workflow/engine/methods/dynaforms/dynaforms_Save_as.php
View File

@@ -36,6 +36,8 @@ if (! class_exists( "FieldCondition" )) {
try { try {
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$frm = $_POST['form']; $frm = $_POST['form'];
$PRO_UID = $frm['PRO_UID']; $PRO_UID = $frm['PRO_UID'];
$DYN_UID = $frm['DYN_UID']; $DYN_UID = $frm['DYN_UID'];
@@ -62,6 +64,7 @@ try {
$hd = fopen( PATH_DYNAFORM . $PRO_UID . '/' . $DYN_UID . '.xml', "r" ); $hd = fopen( PATH_DYNAFORM . $PRO_UID . '/' . $DYN_UID . '.xml', "r" );
$hd1 = fopen( PATH_DYNAFORM . $PRO_UID . '/' . $dynUid . '.xml', "w" ); $hd1 = fopen( PATH_DYNAFORM . $PRO_UID . '/' . $dynUid . '.xml', "w" );
$templateFilename = PATH_DYNAFORM . $PRO_UID . '/' . $DYN_UID . '.html'; $templateFilename = PATH_DYNAFORM . $PRO_UID . '/' . $DYN_UID . '.html';
$templateFilename = $filter->xssFilterHard($templateFilename, 'path');
// also make a copy of the template file in case that the html edition is enabled // also make a copy of the template file in case that the html edition is enabled
if (file_exists( $templateFilename )) { if (file_exists( $templateFilename )) {

3
workflow/engine/methods/setup/skin_Ajax.php
View File

@@ -320,6 +320,8 @@ function importSkin ()
function exportSkin ($skinToExport = "") function exportSkin ($skinToExport = "")
{ {
try { try {
G::LoadSystem('inputfilter');
$filter = new InputFilter();
if (! isset( $_REQUEST['SKIN_FOLDER_ID'] )) { if (! isset( $_REQUEST['SKIN_FOLDER_ID'] )) {
throw (new Exception( G::LoadTranslation( 'ID_SKIN_NAME_REQUIRED' ) )); throw (new Exception( G::LoadTranslation( 'ID_SKIN_NAME_REQUIRED' ) ));
} }
@@ -329,6 +331,7 @@ function exportSkin ($skinToExport = "")
$skinFolderBase = PATH_CUSTOM_SKINS . $skinName; $skinFolderBase = PATH_CUSTOM_SKINS . $skinName;
$skinFolder = $skinFolderBase . PATH_SEP; $skinFolder = $skinFolderBase . PATH_SEP;
$skinTar = PATH_CUSTOM_SKINS . $skinName . '.tar'; $skinTar = PATH_CUSTOM_SKINS . $skinName . '.tar';
$skinTar = $filter->xssFilterHard($skinTar, 'path');
if (! is_dir( $skinFolder )) { if (! is_dir( $skinFolder )) {
throw (new Exception( G::LoadTranslation( 'ID_SKIN_DOESNT_EXIST' ) )); throw (new Exception( G::LoadTranslation( 'ID_SKIN_DOESNT_EXIST' ) ));
} }