Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-07 16:41:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

FIX Security Path transversal with modulepart=medias

Browse Source
This commit is contained in:
Laurent Destailleur
2025-02-27 00:01:59 +01:00
parent 4d093451ab
commit 690598bf11
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
htdocs/document.php
View File

@@ -242,7 +242,6 @@ $original_file = preg_replace('/\.\.+/', '..', $original_file); // Replace '...
$original_file = str_replace('../', '/', $original_file);
$original_file = str_replace('..\\', '/', $original_file);
// Security check
if (empty($modulepart)) {
accessforbidden('Bad value for parameter modulepart');
@@ -253,7 +252,7 @@ $check_access = dol_check_secure_access_document($modulepart, $original_file, $e
$accessallowed = $check_access['accessallowed'];
$sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
$fullpath_original_file = $check_access['original_file']; // $fullpath_original_file is now a full path name
//var_dump($modulepart.' '.$fullpath_original_file.' '.$original_file.' '.$accessallowed);exit;
var_dump($modulepart.' '.$entity.' '.$fullpath_original_file.' '.$original_file.' '.$accessallowed);exit;
if (!empty($hashp)) {
$accessallowed = 1; // When using hashp, link is public so we force $accessallowed