Fix possible path existence disclosure
On non released versions (where line counts are not precalculated) it
was possible to check for file existence due to limited checks for
supplied path.

Signed-off-by: Michal Čihař <michal@cihar.com>
nijel committed Apr 29, 2016
1 parent 94ec333 commit d2dc948
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion libraries/error_report.lib.php
Expand Up @@ -238,7 +238,7 @@ function PMA_countLines($filename)
foreach (explode('/', $filename) as $part) {
if ($part == '..') {
$depath--;
} elseif ($part != '.') {
} elseif ($part != '.' || $part === '') {
$depath++;
}
if ($depath < 0) {
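
Review bot: on the changed `elseif` line, the added `|| $part === ''` never changes the outcome, because an empty string already satisfies `$part != '.'`. Empty segments produced by `explode('/', $filename)` (a leading or doubled slash) are therefore still counted by `$depath++`, which inflates the counter that the `$depath < 0` check relies on. If the intent is to treat both `.` and the empty segment as the current directory, the condition needs to be a conjunction, for example `} elseif ($part != '.' && $part !== '') {`, ideally with a short comment on the loop stating which segments are ignored.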

2 comments on commit d2dc948

@madhuracj

Shouldn't this be && $part != ''?

@nijel

@nijel nijel commented on d2dc948 May 10, 2016

No, we need to skip both empty string and . as both mean current directory.
