diff options
| author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2006-10-21 02:56:32 +0000 |
|---|---|---|
| committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2006-10-21 02:56:32 +0000 |
| commit | d649a37823d026d9f0ac9a7c4a67ed39b17cb8b2 (patch) | |
| tree | 38b65336296a479f889b6e2dd1b5ddf21f331d9e /LedgerSMB/AM.pm | |
| parent | 342d620aef52798493c7824e642008690e34878c (diff) | |
Fine tuning of whitelisting checks
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@244 4979c152-3d1c-0410-bac9-87ea11338e46
Diffstat (limited to 'LedgerSMB/AM.pm')
| -rwxr-xr-x | LedgerSMB/AM.pm | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/LedgerSMB/AM.pm b/LedgerSMB/AM.pm index be9e47fe..57c75cb3 100755 --- a/LedgerSMB/AM.pm +++ b/LedgerSMB/AM.pm @@ -1235,9 +1235,13 @@ sub check_template_name { my ($self, $myconfig, $form) = @_; my @allowedsuff = qw(css tex txt html xml); - if ($form->{file} =~ /\.\./){ + if ($form->{file} =~ /^(.:)*?\/|\.\.\/|^\//){ $form->error("Directory transversal not allowed."); } + my $userspath = ${main::userspath}; + if ($form->{file} =~ /^$userspath\//){ + $form->error("Not allowed to access $userspath/ with this method"); + } my $whitelisted = 0; for (@allowedsuff){ if ($form->{file} =~ /$_$/){ @@ -1248,8 +1252,8 @@ sub check_template_name { $form->error("Error: File is of type that is not allowed."); } - if ($form->{file} !~ /^$myconfig->{templates}/){ - $form->error("$!: $form->{file}") unless $form->{file} =~ /^css/; + if ($form->{file} !~ /^$myconfig->{templates}\//){ + $form->error("Not in a whitelisted directory: $form->{file}") unless $form->{file} =~ /^css\//; } } |