diff options
| author | Evan Prodromou <evan@status.net> | 2010-02-01 11:05:55 -0500 |
|---|---|---|
| committer | Evan Prodromou <evan@status.net> | 2010-02-01 11:23:11 -0500 |
| commit | 54ab4048062471b022061dee257456a46973de50 (patch) | |
| tree | 29e5190ab34ad41ae094cbbdcff09e27fb5e8ea8 | |
| parent | 91684830e55dd0e6a9e069ff140e17a929dd2364 (diff) | |
fix local file include vulnerability in doc.php
| -rw-r--r-- | actions/doc.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/actions/doc.php b/actions/doc.php index e6508030b..fe5810579 100644 --- a/actions/doc.php +++ b/actions/doc.php @@ -59,6 +59,10 @@ class DocAction extends Action { parent::handle($args); $this->title = $this->trimmed('title'); + // Prevent local file include + if (!preg_match('/^[a-zA-Z0-9_-]*$/', $this->title)) { + $this->title = 'help'; + } $this->filename = INSTALLDIR.'/doc-src/'.$this->title; if (!file_exists($this->filename)) { $this->clientError(_('No such document.')); |