Sanitize path normalization of class.t3lib_userauthgroup.php::addFileMount()
authorMartin Kutschker <martin.t.kutschker@blackbox.net>
Mon, 15 May 2006 20:21:44 +0000 (20:21 +0000)
committerMartin Kutschker <martin.t.kutschker@blackbox.net>
Mon, 15 May 2006 20:21:44 +0000 (20:21 +0000)
git-svn-id: https://svn.typo3.org/TYPO3v4/Core/trunk@1471 709f56b5-9817-0410-a4d7-c38de5d9e867

ChangeLog
t3lib/class.t3lib_userauthgroup.php

index a14a6ff..81e8ad9 100755 (executable)
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,7 @@
 
        * Fix bug #3364: Changed t3lib_div::validPathStr() that it rejects files starting with ../ or containing /../, but allows ..
        * Corrected comment for maxWInText (tslib_content) and simplified calculation
+       * Fix bug #338: Sanitize path normalization of class.t3lib_userauthgroup.php::addFileMount()
 
 2006-05-05  Stanislas Rolland  <stanislas.rolland@fructifor.ca>
 
index fc5636b..b85439f 100755 (executable)
@@ -1294,10 +1294,9 @@ class t3lib_userAuthGroup extends t3lib_userAuth {
                }
                        // If the path is true and validates as a valid path string:
                if ($path && t3lib_div::validPathStr($path))    {
-                               // these lines remove all slashes and dots before and after the path
-                       $path=ereg_replace('^[\/\. ]*','',$path);
-                       $path=trim(ereg_replace('[\/\. ]*$','',$path));
-
+                               // normalize path: remove leading '/' and './', and trailing '/' and '/.'
+                       $path=trim($path);
+                       $path=preg_replace('#^\.?/|/\.?$#','',$path);
 
                        if ($path)      {       // there must be some chars in the path
                                $fdir=PATH_site.$GLOBALS['TYPO3_CONF_VARS']['BE']['fileadminDir'];      // fileadmin dir, absolute
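Review bot: `t3lib_div::validPathStr($path)` is evaluated on the raw value, but `trim()` and `preg_replace()` run afterwards, so the string later appended to `$fdir` is not the string that was validated. Surrounding whitespace in particular is removed only after the check. The new pattern also strips just one leading `/` or `./` and one trailing `/` or `/.`, where the old `ereg_replace` calls removed every leading and trailing dot, slash and space, so more of the input now survives normalization. I would move `$path=trim($path);` above the outer `if` and re-check the normalized value, e.g. `if ($path && t3lib_div::validPathStr($path))` in place of the inner `if ($path)`. What validPathStr() rejects is inferred from the ChangeLog entry for #3364, and the rest of addFileMount() lies outside the hunk, so any later containment check against `$fdir` is not visible here.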