Timestamp:
08/15/2006 01:07:51 AM (18 years ago)
Author:
ryan
Message:

Validate backup and fragment files. Don't allow traversal.

File:
1 edited

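--- a/trunk/wp-content/plugins/wp-db-backup.php
+++ b/trunk/wp-content/plugins/wp-db-backup.php
@@ -72,4 +72,5 @@
 
             $this->backup_file = $_GET['backup'];
+            $this->validate_file($this->backup_file);
 
             switch($via) {
@@ -98,4 +99,5 @@
         if (isset($_GET['fragment'] )) {
             list($table, $segment, $filename) = explode(':', $_GET['fragment']);
+            $this->validate_file($filename);
             $this->backup_fragment($table, $segment, $filename);
         }
@@ -881,4 +883,16 @@
         return;
     } // wp_cron_db_backup
+
+    function validate_file($file) {
+        if (false !== strpos($file, '..'))
+            die(__("Cheatin' uh ?"));
+
+        if (false !== strpos($file, './'))
+            die(__("Cheatin' uh ?"));
+
+        if (':' == substr($file, 1, 1))
+            die(__("Cheatin' uh ?"));
+    }
+
 }
 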
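Review bot: validate_file() is a denylist, so a value with a directory component but none of the rejected substrings — an absolute path such as `/var/...` or a plain `subdir/name` — passes all three checks, because neither contains `..` or `./` and the second character is not `:`. How backup_file and the fragment filename are joined to the backup directory is outside these hunks, so whether such a value reaches the filesystem is inferred, but the rejection rules here do not cover it. A positive check that the value is a bare filename closes that gap and also covers backslash separators on Windows: `if ($file !== basename($file)) die(__("Cheatin' uh ?"));`, placed first in validate_file() so the existing checks stay as defence in depth. For the fragment branch the `:` check is redundant, since `$filename` comes from explode(':', ...) and cannot contain a colon; that is harmless but worth a one-line comment, e.g. `// fragment filename can never contain ':' after explode(); check kept for the backup path`.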