diff options
| author | Evan Prodromou <evan@status.net> | 2010-02-01 11:05:55 -0500 |
|---|---|---|
| committer | Evan Prodromou <evan@status.net> | 2010-02-01 11:05:55 -0500 |
| commit | 45c1516217af42c62fbf1d69cb795939a473ef02 (patch) | |
| tree | 88a34dce8a4dc3d31884f0294b3a304e87145c58 | |
| parent | 5c36e29e7fd2f41ff5533d181047f1a86ad8a20a (diff) | |
fix local file include vulnerability in doc.php
| -rw-r--r-- | actions/doc.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/actions/doc.php b/actions/doc.php index 68295234c..9d74fb0a6 100644 --- a/actions/doc.php +++ b/actions/doc.php @@ -59,6 +59,10 @@ class DocAction extends Action { parent::handle($args); $this->title = $this->trimmed('title'); + // Prevent local file include + if (!preg_match('/^[a-zA-Z0-9_-]*$/', $this->title)) { + $this->title = 'help'; + } $this->filename = INSTALLDIR.'/doc-src/'.$this->title; if (!file_exists($this->filename)) { $this->clientError(_('No such document.')); |