Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2024-11-10 04:22:54 +00:00
Code Issues Projects Releases Packages Wiki Activity

Checking includes for valid paths

Browse source
This commit is contained in:
Michael Vogel 2015-09-13 18:47:10 +02:00
parent 69daaa61ba
commit 3ace2136f0
2 changed files with 40 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
boot.php
View file

@ -1893,3 +1893,31 @@ if(!function_exists('exif_imagetype')) {
return($size[2]); return($size[2]);
} }
} }
function validate_include(&$file) {
$orig_file = $file;
$file = realpath($file);
if (strpos($file, getcwd()) !== 0)
return false;
$file = str_replace(getcwd()."/", "", $file, $count);
if ($count != 1)
return false;
if ($orig_file !== $file)
return false;
$valid = false;
if (strpos($file, "include/") === 0)
$valid = true;
if (strpos($file, "addon/") === 0)
$valid = true;
if (!$valid)
return false;
return true;
}

15
include/poller.php
View file

@ -65,8 +65,16 @@ function poller_run(&$argv, &$argc){
$argc = count($argv); $argc = count($argv);
// To-Do: Check for existance // Check for existance and validity of the include file
require_once(basename($argv[0])); $include = $argv[0];
if (!validate_include($include)) {
logger("Include file ".$argv[0]." is not valid!");
q("DELETE FROM `workerqueue` WHERE `id` = %d", intval($r[0]["id"]));
continue;
}
require_once($include);
$funcname=str_replace(".php", "", basename($argv[0]))."_run"; $funcname=str_replace(".php", "", basename($argv[0]))."_run";
@ -77,7 +85,8 @@ function poller_run(&$argv, &$argc){
logger("Process ".getmypid().": ".$funcname." - done"); logger("Process ".getmypid().": ".$funcname." - done");
q("DELETE FROM `workerqueue` WHERE `id` = %d", intval($r[0]["id"])); q("DELETE FROM `workerqueue` WHERE `id` = %d", intval($r[0]["id"]));
} } else
logger("Function ".$funcname." does not exist");
} }
} }