Make WordPress Core

Changeset 38534

Timestamp:
09/06/2016 06:06:56 PM (4 years ago)
Author:
swissspidy
Message:

Upgrade/Install: Sanitize file name in File_Upload_Upgrader.

Merge of [38524] to the 3.7 branch.

Location:
branches/3.7
Files:
3 edited

  • branches/3.7

  • branches/3.7/src

  • branches/3.7/src/wp-admin/includes/class-wp-upgrader.php

    r27924 r38534  
    16031603                wp_die( $uploads['error'] );
    16041604
    1605             $this->filename = $_GET[$urlholder];
     1605            $this->filename = sanitize_file_name( $_GET[ $urlholder ] );
    16061606            $this->package = $uploads['basedir'] . '/' . $this->filename;
     1607
     1608            if ( 0 !== strpos( realpath( $this->package ), realpath( $uploads['basedir'] ) ) ) {
     1609                wp_die( __( 'Please select a file' ) );
     1610            }
    16071611        }
    16081612    }
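Review bot: the containment check added at line 1608 compares prefixes with strpos() but without a trailing directory separator, so any resolved path that merely begins with the string realpath( $uploads['basedir'] ) (for example a sibling directory whose name extends the basedir name) would pass the test; append a separator to the expected prefix, e.g. `realpath( $uploads['basedir'] ) . '/'`, or compare dirname( realpath( $this->package ) ) against realpath( $uploads['basedir'] ) directly. Note also that realpath() returns false when the file does not exist, in which case strpos( false, ... ) returns false and the branch wp_dies with 'Please select a file', which is the safe (fail-closed) outcome but reuses a message that does not describe the failure. Since sanitize_file_name() on line 1605 already strips path separators from the request value, the realpath comparison is defense in depth rather than the primary control, which is worth stating in a comment.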