
Changeset 38524


Timestamp:
09/06/2016 05:25:22 PM (3 years ago)
Author:
swissspidy
Message:

Upgrade/Install: Sanitize file name in File_Upload_Upgrader.

File:
1 edited

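--- a/trunk/src/wp-admin/includes/class-file-upload-upgrader.php
+++ b/trunk/src/wp-admin/includes/class-file-upload-upgrader.php
@@ -101,6 +101,10 @@
                 wp_die( $uploads['error'] );
 
-            $this->filename = $_GET[$urlholder];
+            $this->filename = sanitize_file_name( $_GET[ $urlholder ] );
             $this->package = $uploads['basedir'] . '/' . $this->filename;
+
+            if ( 0 !== strpos( realpath( $this->package ), realpath( $uploads['basedir'] ) ) ) {
+                wp_die( __( 'Please select a file' ) );
+            }
         }
     }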
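Review bot: The new containment check on the `if` line still lets an empty filename through: `sanitize_file_name()` trims leading/trailing dots, so an input such as `..` becomes `''`, `$this->package` becomes `basedir . '/'`, and `realpath()` of that is the uploads directory itself, which trivially satisfies the prefix comparison and leaves `$this->package` pointing at a directory rather than an uploaded file. The comparison is also prefix-only and relies on `realpath()` returning `false` being coerced to `''` for a missing file, which works today but is implicit. I would make both conditions explicit and anchor the prefix to a directory boundary: `$real_package = realpath( $this->package ); $real_base = realpath( $uploads['basedir'] );` followed by `if ( '' === $this->filename || false === $real_package || 0 !== strpos( $real_package, $real_base . DIRECTORY_SEPARATOR ) ) {`. A short comment above the guard, `// Reject an empty or non-existent file and anything that resolves outside the uploads directory.`, would record the intent. The enclosing method starts outside this hunk, so I have not verified how `$urlholder` is set or what the caller does with `$this->package` afterwards.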