Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Fix disallow -- string into filename for security purpose. Vulnerability

Browse Source 
reported by Yılmaz Değirmenci
This commit is contained in:
Laurent Destailleur
2020-12-11 15:11:51 +01:00
parent 89854ea137
commit 4fcd3fe493
3 changed files with 28 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
htdocs/core/lib/functions.lib.php
View File

@@ -866,8 +866,9 @@ function dol_sanitizeFileName($str, $newstr = '_', $unaccent = 1)
// List of special chars for filenames in windows are defined on page https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file
// Char '>' '<' '|' '$' and ';' are special chars for shells.
// Char '/' and '\' are file delimiters.
$filesystem_forbidden_chars = array('<', '>', '/', '\\', '?', '*', '|', '"', ':', '°', '$', ';');
return dol_string_nospecial($unaccent ?dol_string_unaccent($str) : $str, $newstr, $filesystem_forbidden_chars);
// -- car can be used into filename to inject special paramaters like --use-compress-program to make command with file as parameter making remote execution of command
$filesystem_forbidden_chars = array('<', '>', '/', '\\', '?', '*', '|', '"', ':', '°', '$', ';', '--');
return dol_string_nospecial($unaccent ? dol_string_unaccent($str) : $str, $newstr, $filesystem_forbidden_chars);
}
/**