diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2014-11-22 15:51:48 +0100 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2014-11-22 15:51:48 +0100 |
| commit | a3b18d87ddef00424a2dc35061780e1a7dc2c0c6 (patch) | |
| tree | 0fdd49d80ba0bdfb1eb0be05e12f72edfe5c4a7c | |
| parent | fd993cbaf26cea66fc72c2a744189d7c1fef843c (diff) | |
| parent | 9bb302b92ca58d9204290363b190ef4b57009ec6 (diff) | |
| download | forums-a3b18d87ddef00424a2dc35061780e1a7dc2c0c6.tar forums-a3b18d87ddef00424a2dc35061780e1a7dc2c0c6.tar.gz forums-a3b18d87ddef00424a2dc35061780e1a7dc2c0c6.tar.bz2 forums-a3b18d87ddef00424a2dc35061780e1a7dc2c0c6.tar.xz forums-a3b18d87ddef00424a2dc35061780e1a7dc2c0c6.zip | |
Merge pull request #8 from phpbb/ticket/security-169
[ticket/security-169] Stop loop through referer dir in top directory
| -rw-r--r-- | phpBB/phpbb/path_helper.php | 8 | ||||
| -rw-r--r-- | tests/path_helper/path_helper_test.php | 15 |
2 files changed, 22 insertions, 1 deletions
diff --git a/phpBB/phpbb/path_helper.php b/phpBB/phpbb/path_helper.php index 4a446a5d9d..b49d8d13c2 100644 --- a/phpBB/phpbb/path_helper.php +++ b/phpBB/phpbb/path_helper.php @@ -282,10 +282,16 @@ class path_helper $referer_dir = dirname($referer_dir); } - while (strpos($absolute_board_url, $referer_dir) !== 0) + while (($dir_position = strpos($absolute_board_url, $referer_dir)) !== 0) { $fixed_root_path .= '../'; $referer_dir = dirname($referer_dir); + + // Just return phpbb_root_path if we reach the top directory + if ($referer_dir === '.') + { + return $this->phpbb_root_path; + } } $fixed_root_path .= substr($absolute_board_url, strlen($referer_dir) + 1); diff --git a/tests/path_helper/path_helper_test.php b/tests/path_helper/path_helper_test.php index 3832307897..bb68f8b3bc 100644 --- a/tests/path_helper/path_helper_test.php +++ b/tests/path_helper/path_helper_test.php @@ -411,6 +411,21 @@ class phpbb_path_helper_test extends phpbb_test_case 'http://www.phpbb.com/community', '../community/', ), + array( + 'http://www.phpbb.com/foobar', + 'http://www.phpbb.com', + '', + ), + array( + 'http://www.foobar.com', + 'http://www.phpbb.com', + '/www.phpbb.com/', + ), + array( + 'foobar', + 'http://www.phpbb.com/community', + '', + ) ); } |