
Ticket #42016: correct-dots-check-v3.diff

File correct-dots-check-v3.diff, 1.2 KB (added by DavidAnderson, 7 years ago)

Fix the count() check, use mb_substr, and make comparison of allowed files strict

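--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -4252,19 +4252,27 @@
  * @return int 0 means nothing is wrong, greater than 0 means something was wrong.
  */
 function validate_file( $file, $allowed_files = '' ) {
-	if ( false !== strpos( $file, '..' ) )
-		return 1;
+	$result = 0;
 
-	if ( false !== strpos( $file, './' ) )
-		return 1;
+	if (':' == substr( $file, 1, 1 ) )
+		$result = 2;
 
 	if ( ! empty( $allowed_files ) && ! in_array( $file, $allowed_files, true ) )
-		return 3;
+		$result = 3;
 
-	if (':' == substr( $file, 1, 1 ) )
-		return 2;
-
-	return 0;
+	if ( preg_match_all( '#\.\./#' , $file, $matches, PREG_SET_ORDER ) && ( count( $matches ) > 1 || '../' != mb_substr( $file, -2, 2 ) ) )
+		$result = 1;
+	
+	/**
+	 * Filters the returned result.
+	 *
+	 * @since 4.8.3
+	 *
+	 * @param int As described for the return value of the function.
+	 * @param string $file As provided to the function (file path).
+	 * @param array  $allowed_files As provided to the function (list of allowed files).
+	 */
+	return apply_filters( 'validate_file', $result, $file, $allowed_files );
 }
 
 /**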
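Review bot: In the new `preg_match_all` condition the exception clause compares the three-character literal `'../'` with `mb_substr( $file, -2, 2 )`, which can only ever return two characters, so `'../' != …` is always true and the `count( $matches ) > 1` test is dead code — the effective rule is simply "any `../` sets result 1", which is acceptable but should be written that plainly. The narrower pattern also drops two cases the removed `strpos( $file, '..' )` check covered: a `..` segment at the end of the path (`dir/..`) and a backslash-separated segment on Windows hosts, neither of which contains the substring `../`. Both are caught, while names like `foo..bar.php` that the ticket wants to allow still pass, by matching `..` only as a whole path segment: `if ( preg_match( '#(^|[/\\\\])\.\.([/\\\\]|$)#', $file ) )` followed by `$result = 1;`. The new `@param int` line in the filter docblock also lacks the variable name; it should read `@param int    $result As described for the return value of the function.`.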