sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Validate backup and fragment files. Don't allow traversal.

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@4095 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren 2006-08-15 01:07:51 +00:00
parent c45387d31b
commit 49abdc66f3
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
wp-content/plugins/wp-db-backup.php
View File

@ -71,6 +71,7 @@ class wpdbBackup {
$via = isset($_GET['via']) ? $_GET['via'] : 'http';
$this->backup_file = $_GET['backup'];
$this->validate_file($this->backup_file);
switch($via) {
case 'smtp':
@ -97,6 +98,7 @@ class wpdbBackup {
}
if (isset($_GET['fragment'] )) {
list($table, $segment, $filename) = explode(':', $_GET['fragment']);
$this->validate_file($filename);
$this->backup_fragment($table, $segment, $filename);
}
@ -880,6 +882,18 @@ class wpdbBackup {
return;
} // wp_cron_db_backup
function validate_file($file) {
if (false !== strpos($file, '..'))
die(__("Cheatin' uh ?"));
if (false !== strpos($file, './'))
die(__("Cheatin' uh ?"));
if (':' == substr($file, 1, 1))
die(__("Cheatin' uh ?"));
}
}
function wpdbBackup_init() {