authorArto Bendiken2007-09-21 12:27:58 (GMT)
committerArto Bendiken2007-09-21 12:27:58 (GMT)
commitdeec3b5acc4693e4a4d8aefaee6987c698b36a5c (patch)
tree2d457a60caabef7fb9f84da73b61159f84a90e68
parentd338cadf9cad7a48c4876462cc719f7969989b15 (diff)
Imported latest 5.x version from SVN development repository.
-rw-r--r--boost.api.inc12
1 files changed, 8 insertions, 4 deletions
diff --git a/boost.api.inc b/boost.api.inc
index dae0e94..09afb94 100644
--- a/boost.api.inc
+++ b/boost.api.inc
@@ -177,11 +177,15 @@ function boost_file_path($path) {
$path = 'index'; // special handling for Drupal's front page
}
- // Convert any undesirable characters in the path to underscores
- $path = preg_replace('@[^/a-z0-9_-]@i', '_', $path);
+ // Under no circumstances should the incoming path contain '..' or null
+ // bytes; we also limit the maximum directory nesting depth of the path
+ if (strpos($path, '..') !== FALSE || strpos($path, "\0") !== FALSE ||
+ count(explode('/', $path)) > BOOST_MAX_PATH_DEPTH) {
+ return FALSE;
+ }
- // Limit the maximum directory nesting depth of the path
- $path = implode('/', array_slice(explode('/', $path), 0, BOOST_MAX_PATH_DEPTH));
+ // Convert any other undesirable characters in the path to underscores
+ $path = preg_replace('@[^/a-z0-9_-]@i', '_', $path);
return boost_cache_directory() . '/' . $path . BOOST_FILE_EXTENSION;
}
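Review bot: The new early `return FALSE` on the line after the `..`/null-byte/depth check changes boost_file_path()'s return contract from always-a-string to string-or-FALSE, so every caller that concatenates or writes to the result must now test it with `=== FALSE` first; an unchecked FALSE would silently coerce to an empty string in a path expression. The function's docblock, signature and callers are outside this hunk, so I cannot see whether they were updated; the docblock should gain `@return string|FALSE The cache file path, or FALSE if $path is rejected as unsafe`. The `..` test is substring-based, so a legitimate segment such as `foo..bar` is rejected as well; since the later preg_replace maps `.` to `_` anyway, that is a defensible defense-in-depth choice, but if exactness matters the check can be narrowed to `in_array('..', explode('/', $path), TRUE)`. Note also that the depth check counts empty segments, so a leading or doubled `/` counts toward BOOST_MAX_PATH_DEPTH and the resulting path keeps the empty segment.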