Ticket #42619: 42619.diff
| File 42619.diff, 1.1 KB (added by , 4 years ago) |
|---|
-
src/wp-admin/includes/class-wp-automatic-updater.php
55 55 return apply_filters( 'automatic_updater_disabled', $disabled ); 56 56 } 57 57 58 public function is_allowed_dir( $dir ) { 59 $open_basedir = ini_get('open_basedir'); 60 61 if ( !$open_basedir ) { 62 return true; 63 } 64 65 $open_basedir_dirs = explode(PATH_SEPARATOR, $open_basedir); 66 67 foreach ( $open_basedir_dirs as $basedir ) { 68 if ( strpos( $dir, $basedir ) === 0 ) { 69 return true; 70 } 71 } 72 73 return false; 74 } 75 58 76 /** 59 77 * Check for version control checkouts. 60 78 * … … 101 119 // Search all directories we've found for evidence of version control. 102 120 foreach ( $vcs_dirs as $vcs_dir ) { 103 121 foreach ( $check_dirs as $check_dir ) { 104 $checkout = @is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" );122 $checkout = $this->is_allowed_dir( $check_dir ) && @is_dir( rtrim( $check_dir, '\\/' ) . "/$vcs_dir" ); 105 123 if ( $checkout ) { 106 124 break 2; 107 125 }