SF.net SVN: ledger-smb: [244] trunk
- Subject: SF.net SVN: ledger-smb: [244] trunk
- From: ..hidden..
- Date: Fri, 20 Oct 2006 19:56:34 -0700
Revision: 244
http://svn.sourceforge.net/ledger-smb/?rev=244&view=rev
Author: einhverfr
Date: 2006-10-20 19:56:32 -0700 (Fri, 20 Oct 2006)
Log Message:
-----------
Fine tuning of whitelisting checks
Modified Paths:
--------------
trunk/LedgerSMB/AM.pm
trunk/bin/am.pl
Modified: trunk/LedgerSMB/AM.pm
===================================================================
--- trunk/LedgerSMB/AM.pm 2006-10-21 02:09:43 UTC (rev 243)
+++ trunk/LedgerSMB/AM.pm 2006-10-21 02:56:32 UTC (rev 244)
@@ -1235,9 +1235,13 @@
my ($self, $myconfig, $form) = @_;
my @allowedsuff = qw(css tex txt html xml);
- if ($form->{file} =~ /\.\./){
+ if ($form->{file} =~ /^(.:)*?\/|\.\.\/|^\//){
$form->error("Directory transversal not allowed.");
}
+ my $userspath = ${main::userspath};
+ if ($form->{file} =~ /^$userspath\//){
+ $form->error("Not allowed to access $userspath/ with this method");
+ }
my $whitelisted = 0;
for (@allowedsuff){
if ($form->{file} =~ /$_$/){
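Review bot: Both configuration values the new side interpolates into patterns — `$userspath` on L29 and `$myconfig->{templates}` on L40 in the next hunk — are used as regex source, so any metacharacter in the configured path (a lone `.` already widens the match) changes what is blocked or allowed; quote them, `if ($form->{file} =~ m{^\Q$userspath\E/}) {` and `if ($form->{file} !~ m{^\Q$myconfig->{templates}\E/}) {`. The replacement traversal test on L25 is also narrower than the `/\.\./` it replaces: it rejects `..` only when a `/` follows, so a trailing `..` component and backslash-separated paths pass this check (whether the latter matters depends on the platform, which the hunk does not show), and the `^\/` alternative is redundant because `(.:)*?` already admits zero repetitions. A form that also catches the trailing component is `m{ \A (?:[A-Za-z]:)? / | (?: \A | / ) \.\. (?: / | \z ) }x`, and it deserves a one-line comment saying the directory-prefix whitelist further down, not this test, is the actual access control. `${main::userspath}` on L28 is simply `$main::userspath` and reads more plainly that way.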
@@ -1248,8 +1252,8 @@
$form->error("Error: File is of type that is not allowed.");
}
- if ($form->{file} !~ /^$myconfig->{templates}/){
- $form->error("$!: $form->{file}") unless $form->{file} =~ /^css/;
+ if ($form->{file} !~ /^$myconfig->{templates}\//){
+ $form->error("Not in a whitelisted directory: $form->{file}") unless $form->{file} =~ /^css\//;
}
}
Modified: trunk/bin/am.pl
===================================================================
--- trunk/bin/am.pl 2006-10-21 02:09:43 UTC (rev 243)
+++ trunk/bin/am.pl 2006-10-21 02:56:32 UTC (rev 244)
@@ -1591,13 +1591,6 @@
sub display_form {
- $form->{file} =~ s/^(.:)*?\/|\.\.\///g;
- $form->{file} =~ s/^\/*//g;
- $form->{file} =~ s/$userspath//;
- $form->{file} =~ s/$memberfile//;
-
- $form->error("$!: $form->{file}") unless -f $form->{file};
-
AM->load_template(\%myconfig, \%$form);
$form->{title} = $form->{file};