
Merge pull request #11739 from concretecms/backport-security-fixes-110123

Backport various security fixes to 8.5.x.
aembler committed Nov 3, 2023
2 parents da516f7 + 22e5ec7 commit e7ba2ba
Showing 12 changed files with 291 additions and 103 deletions.
321 changes: 249 additions & 72 deletions composer.lock


2 changes: 1 addition & 1 deletion concrete/attributes/image_file/controller.php
Expand Up @@ -75,7 +75,7 @@ public function getDisplayValue()
if (is_object($f)) {
$type = strtolower($f->getTypeObject()->getGenericDisplayType());

return '<a target="_blank" href="' . $f->getDownloadURL() . '" class="ccm-attribute-image-file ccm-attribute-image-file-' . $type . '">' . $f->getTitle() . '</a>';
return '<a target="_blank" href="' . $f->getDownloadURL() . '" class="ccm-attribute-image-file ccm-attribute-image-file-' . $type . '">' . h($f->getTitle()) . '</a>';
}
}

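Review bot: `h()` now escapes the title, but `$type` and the download URL on the same returned line are still concatenated into attribute values without escaping; `$type` comes from `getGenericDisplayType()` lowercased on the line above, and whether either value can ever carry user-controlled characters is not visible here. Escaping every interpolated value in the attribute context is simpler than reasoning about which ones are trusted: `'" class="ccm-attribute-image-file ccm-attribute-image-file-' . h($type) . '">'` and `'<a target="_blank" href="' . h($f->getDownloadURL()) . '"'`. getDisplayValue starts before the hunk.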
15 changes: 7 additions & 8 deletions concrete/src/Asset/CssAsset.php
@@ -1,8 +1,8 @@
<?php
namespace Concrete\Core\Asset;

use Concrete\Core\Config\Repository\Repository;
use Concrete\Core\Html\Object\HeadLink;
use Config;

class CssAsset extends Asset
{
Expand Down Expand Up @@ -72,16 +72,15 @@ protected static function getRelativeOutputDirectory()
*/
protected static function getOutputDirectory()
{
if (!file_exists(Config::get('concrete.cache.directory').'/'.DIRNAME_CSS)) {
$proceed = @mkdir(Config::get('concrete.cache.directory').'/'.DIRNAME_CSS);
$config = app(Repository::class);
$path = $config->get('concrete.cache.directory') . '/' . DIRNAME_CSS;
if (!file_exists($path)) {
$proceed = @mkdir($path, $config->get('concrete.filesystem.permissions.directory'));
} else {
$proceed = true;
}
if ($proceed) {
return Config::get('concrete.cache.directory').'/'.DIRNAME_CSS;
} else {
return false;
}

return $proceed ? $path : false;
}

/**
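Review bot: The `file_exists`/`@mkdir` pair in getOutputDirectory still races: if another request creates the directory between the two calls, `mkdir` returns false and the method returns false although the directory now exists; `$proceed = @mkdir($path, $config->get('concrete.filesystem.permissions.directory')) || is_dir($path);` closes that window, and checking `is_dir($path)` rather than `file_exists($path)` would also catch a regular file sitting at that path. The same pattern is in JavascriptAsset::getOutputDirectory in this commit. The mode passed to `mkdir` is still subject to the process umask, so the configured value is a ceiling rather than a guarantee, and if `get()` returns null for a missing key (not visible here) the directory would be created with mode 0. The literal key `'concrete.filesystem.permissions.directory'` is now repeated across eight files; a single named constant for it would stop a typo in one of them from silently falling back to the default.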
16 changes: 8 additions & 8 deletions concrete/src/Asset/JavascriptAsset.php
@@ -1,8 +1,9 @@
<?php
namespace Concrete\Core\Asset;

use Concrete\Core\Config\Repository\Repository;
use HtmlObject\Element;
use Config;


class JavascriptAsset extends Asset
{
Expand Down Expand Up @@ -37,16 +38,15 @@ public static function getRelativeOutputDirectory()
*/
protected static function getOutputDirectory()
{
if (!file_exists(Config::get('concrete.cache.directory').'/'.DIRNAME_JAVASCRIPT)) {
$proceed = @mkdir(Config::get('concrete.cache.directory').'/'.DIRNAME_JAVASCRIPT);
$config = app(Repository::class);
$path = $config->get('concrete.cache.directory') . '/' . DIRNAME_JAVASCRIPT;
if (!file_exists($path)) {
$proceed = @mkdir($path, $config->get('concrete.filesystem.permissions.directory'));
} else {
$proceed = true;
}
if ($proceed) {
return Config::get('concrete.cache.directory').'/'.DIRNAME_JAVASCRIPT;
} else {
return false;
}

return $proceed ? $path : false;
}

/**
9 changes: 6 additions & 3 deletions concrete/src/Cache/Page/FilePageCache.php
Expand Up @@ -2,6 +2,7 @@
namespace Concrete\Core\Cache\Page;

use Config;
use Concrete\Core\Config\Repository\Repository;
use Concrete\Core\Page\Page as ConcretePage;
use Loader;

Expand Down Expand Up @@ -59,9 +60,11 @@ public function purge(ConcretePage $c)

public function set(ConcretePage $c, $content)
{
if (!is_dir(Config::get('concrete.cache.page.directory'))) {
@mkdir(Config::get('concrete.cache.page.directory'));
@touch(Config::get('concrete.cache.page.directory') . '/index.html');
$config = app(Repository::class);
$dir = $config->get('concrete.cache.page.directory');
if (!is_dir($dir)) {
@mkdir($dir, $config->get('concrete.filesystem.permissions.directory'));
@touch($dir . '/index.html');
}
$url = $c->getSite()->getSiteCanonicalURL();
$lifetime = $c->getCollectionFullPageCachingLifetimeValue();
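Review bot: `@mkdir($dir, ...)` in set() is non-recursive and its return value is ignored, so when the parent of the configured page-cache directory does not exist the directory is never created and the remainder of the method (outside the hunk) presumably goes on to write into a missing path with the error suppressed. Passing the recursive flag and checking the result keeps the failure visible: `if (!@mkdir($dir, $config->get('concrete.filesystem.permissions.directory'), true) && !is_dir($dir)) { return; }` — substituting whatever the caller expects on failure for the bare `return`. `use Config;` is kept directly above the new `Repository` import; if nothing else in the file still uses the facade, drop it. set() continues past the end of the hunk.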
2 changes: 1 addition & 1 deletion concrete/src/Console/Command/ResetCommand.php
Expand Up @@ -112,7 +112,7 @@ protected function execute(InputInterface $input, OutputInterface $output)
foreach ($createEmptyDirs as $shownName => $fullpath) {
if (!file_exists($fullpath)) {
$output->write("Creating directory $shownName... ");
if (@mkdir($fullpath) === false) {
if (@mkdir($fullpath, DIRECTORY_PERMISSIONS_MODE_COMPUTED) === false) {
throw new Exception("Failed to create directory $fullpath");
}
$output->writeln('<info>done.</info>');
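Review bot: This hunk keeps `DIRECTORY_PERMISSIONS_MODE_COMPUTED` while DatabaseStructureManager, VolatileDirectory and TranslationsInstaller in the same commit replace that constant with `concrete.filesystem.permissions.directory` from the config repository; if the command deliberately avoids the repository here (for example because it runs before the repository is usable — not visible in the hunk), a one-line comment saying so would stop the next reader from "fixing" it. The `@`-suppressed `mkdir` also discards the OS reason for the failure, so the thrown message only says that creation failed; `throw new Exception("Failed to create directory $fullpath: " . (error_get_last()['message'] ?? 'unknown error'));` preserves it. execute() starts and ends outside the hunk.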
6 changes: 4 additions & 2 deletions concrete/src/Console/Command/TranslatePackageCommand.php
@@ -1,6 +1,7 @@
<?php
namespace Concrete\Core\Console\Command;

use Concrete\Core\Config\Repository\Repository;
use Concrete\Core\Console\Command;
use Concrete\Core\Localization\Localization;
use Concrete\Core\Localization\Translation\Remote\ProviderInterface as RemoteTranslationProvider;
Expand Down Expand Up @@ -64,6 +65,7 @@ protected function configure()
protected function execute(InputInterface $input, OutputInterface $output)
{
$this->app = Application::getFacadeApplication();
$config = $this->app->make(Repository::class);

$vsh = $this->app->make('helper/validation/strings');
/* @var \Concrete\Core\Utility\Service\Validation\Strings $vsh */
Expand Down Expand Up @@ -162,7 +164,7 @@ protected function execute(InputInterface $input, OutputInterface $output)
// Save the pot file
$output->write('Saving .pot file... ');
if (!is_dir($packageLanguagesDirectory)) {
@mkdir($packageLanguagesDirectory, 0775, true);
@mkdir($packageLanguagesDirectory, $config->get('concrete.filesystem.permissions.directory'), true);
if (!is_dir($packageLanguagesDirectory)) {
throw new Exception("Unable to create the directory $packageLanguagesDirectory");
}
Expand Down Expand Up @@ -206,7 +208,7 @@ protected function execute(InputInterface $input, OutputInterface $output)
}
$output->write('- saving .po file... ');
if (!is_dir($poDirectory)) {
@mkdir($poDirectory, 0775, true);
@mkdir($poDirectory, $config->get('concrete.filesystem.permissions.directory'), true);
if (!is_dir($poDirectory)) {
throw new Exception("Unable to create the directory $poDirectory");
}
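Review bot: `$config->get('concrete.filesystem.permissions.directory')` is evaluated inside each of the two `@mkdir` calls although `$config` itself is resolved once at the top of execute(); resolving the mode once next to it, `$directoryPermissions = $config->get('concrete.filesystem.permissions.directory');`, and passing `$directoryPermissions` at both call sites keeps the two sites from drifting apart. Both `mkdir` calls are followed by an `is_dir` re-check that throws, so a suppressed failure is not silent here. execute() starts before the first hunk and ends after the last one.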
10 changes: 6 additions & 4 deletions concrete/src/Database/DatabaseStructureManager.php
Expand Up @@ -3,9 +3,10 @@

use Closure;
use Doctrine\Common\Persistence\Mapping\MappingException;
use Concrete\Core\Config\Repository\Repository;
use Core;
use Doctrine\DBAL\Schema\SchemaDiff;
use Doctrine\ORM\EntityManagerInterface;
use Core;
use Doctrine\ORM\Tools\SchemaTool;

class DatabaseStructureManager
Expand Down Expand Up @@ -93,9 +94,10 @@ public function generateProxyClassesFor(array $metadatas)
$proxyDir
));
}
@mkdir($proxyDir, DIRECTORY_PERMISSIONS_MODE_COMPUTED, true);
$permissions = app(Repository::class)->get('concrete.filesystem.permissions.directory');
@mkdir($proxyDir, $permissions, true);
if (is_dir($proxyDir)) {
@chmod($proxyDir, DIRECTORY_PERMISSIONS_MODE_COMPUTED);
@chmod($proxyDir, $permissions);
} else {
throw new \Exception(t(
"Could not create the proxies directory. " .
Expand Down Expand Up @@ -394,7 +396,7 @@ public function clearCacheAndProxies()
$cache->flushAll();
}

// Next, we regnerate proxies
// Next, we regenerate proxies
$metadatas = $this->entityManager->getMetadataFactory()->getAllMetadata();
$this->entityManager->getProxyFactory()->generateProxyClasses($metadatas, \Config::get('database.proxy_classes'));
return $metadatas;
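Review bot: `@chmod($proxyDir, $permissions)` after the recursive `@mkdir` applies the configured mode only to the leaf directory; any parent directories created by the recursive call keep the umask-masked mode, and the `chmod` result is discarded. If overriding the umask is the intent, wrapping the `mkdir` in a temporary `umask()` or chmod-ing each created level would be needed; otherwise a comment such as `// chmod only the leaf: parents created by mkdir(..., true) keep the umask-derived mode` documents the limitation. `\Config::get('database.proxy_classes')` in clearCacheAndProxies (second hunk) still uses the facade that the first hunk replaces with `app(Repository::class)`; using the repository in both keeps the file consistent. generateProxyClassesFor starts before the first hunk, and the check preceding the `mkdir` is cut off, so whether the directory may already exist at the `chmod` is not visible.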
4 changes: 3 additions & 1 deletion concrete/src/File/Service/VolatileDirectory.php
@@ -1,6 +1,7 @@
<?php
namespace Concrete\Core\File\Service;

use Concrete\Core\Config\Repository\Repository;
use Exception;
use Illuminate\Filesystem\Filesystem;

Expand Down Expand Up @@ -41,7 +42,8 @@ public function __construct(Filesystem $filesystem, $parentDirectory)
for ($i = 0; ; ++$i) {
$path = $parentDirectory . '/volatile-' . $i . '-' . uniqid();
if (!$this->filesystem->exists($path)) {
if (@$this->filesystem->makeDirectory($path, DIRECTORY_PERMISSIONS_MODE_COMPUTED)) {
$permissions = app(Repository::class)->get('concrete.filesystem.permissions.directory');
if (@$this->filesystem->makeDirectory($path, $permissions)) {
break;
}
}
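Review bot: The `app(Repository::class)->get(...)` lookup sits inside the `for` loop body and is repeated on every name collision although the value cannot change between iterations; hoist it above the loop: `$permissions = app(Repository::class)->get('concrete.filesystem.permissions.directory');` immediately before `for ($i = 0; ; ++$i) {`. The class already receives `Filesystem` through its constructor, so reaching for the `app()` locator here departs from that style; an optional `Repository $config = null` constructor parameter, backward compatible for existing callers, would keep the dependency explicit. __construct starts before the hunk.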
3 changes: 2 additions & 1 deletion concrete/src/Localization/Service/TranslationsInstaller.php
Expand Up @@ -143,7 +143,8 @@ private function installTranslations($localeID, Package $package = null)
}
$directory = dirname($localStats->getFilename());
if (!$this->fs->isDirectory($directory)) {
if ($this->fs->makeDirectory($directory, DIRECTORY_PERMISSIONS_MODE_COMPUTED, true, true) !== true) {
$permissions = $this->config->get('concrete.filesystem.permissions.directory');
if ($this->fs->makeDirectory($directory, $permissions, true, true) !== true) {
throw new Exception(t('Failed to create the directory for the language file. Please be sure that the %s directory is writable', $shownDirectoryName));
}
}
@@ -1,6 +1,7 @@
<?php
namespace Concrete\Core\Session\Storage\Handler;

use Concrete\Core\Config\Repository\Repository;
use SessionHandler;

/**
Expand Down Expand Up @@ -48,7 +49,7 @@ public function __construct($savePath = null)

try {
if ($baseDir && !is_dir($baseDir)) {
mkdir($baseDir, 0777, true);
mkdir($baseDir, app(Repository::class)->get('concrete.filesystem.permissions.directory'), true);
}

ini_set('session.save_path', $savePath);
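Review bot: The return value of `mkdir($baseDir, ..., true)` is not checked; unless the application converts warnings into exceptions (not visible here), a failed `mkdir` only emits a warning, the surrounding `try` does not catch it, and `ini_set('session.save_path', $savePath)` then points sessions at a directory that does not exist. Resolving the mode first and checking the result makes the failure explicit: `$mode = app(Repository::class)->get('concrete.filesystem.permissions.directory');` then `if (!mkdir($baseDir, $mode, true) && !is_dir($baseDir)) { throw new \RuntimeException("Cannot create session directory $baseDir"); }`. This directory holds serialized session data, so it warrants a mode no wider than the process user needs; the previous hard-coded 0777 was world-writable, and the new value is only as strict as the shared directory-permissions key, which may be tuned for web-served directories rather than session storage. __construct starts before the hunk.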
3 changes: 2 additions & 1 deletion tests/tests/Config/Driver/Redis/RedisPaginatedTraitTest.php
Expand Up @@ -25,7 +25,8 @@ public function testPaginatedScan()
M::getConfiguration()->setInternalClassMethodParamMap('Redis', 'scan', [
'&$iterator',
'$pattern = null',
'$count = 0'
'$count = null',
'$type = null',
]);

$redis = M::mock('Redis');
