gitlabFork/ISPConfig3.git - Solinfo Gitblit

parent: d2fbc5f9 | patch | commit | ignore whitespace

- Corrected folder paths for folder protection (missing trailing slash).

ftimme

2011-10-20 8f08b586f1233920cd12604c582e32bd442494a3

- Corrected folder paths for folder protection (missing trailing slash).

2 files modified

	server/plugins-available/apache2_plugin.inc.php	8 ●●●●● patch \| view \| raw \| blame \| history
	server/plugins-available/nginx_plugin.inc.php	10 ●●●●● patch \| view \| raw \| blame \| history

 server/plugins-available/apache2_plugin.inc.php

@@ -1305,7 +1305,7 @@
        if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
        if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
        $folder_path = escapeshellcmd($website['document_root'].'/web/'.$folder['path']);
        if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
        if(substr($folder_path,-1) != '/') $folder_path .= '/';
        
        //* Check if the resulting path is inside the docroot
        if(stristr($folder_path,'..') || stristr($folder_path,'./') || stristr($folder_path,'\\')) {
@@ -1381,7 +1381,7 @@
        if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
        if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
        $folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
        if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
        if(substr($folder_path,-1) != '/') $folder_path .= '/';
        
        //* Check if the resulting path is inside the docroot
        if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
@@ -1417,12 +1417,12 @@
        if(substr($data['old']['path'],0,1) == '/') $data['old']['path'] = substr($data['old']['path'],1);
        if(substr($data['old']['path'],-1) == '/') $data['old']['path'] = substr($data['old']['path'],0,-1);
        $old_folder_path = realpath($website['document_root'].'/web/'.$data['old']['path']);
        if(substr($old_folder_path,-1) != '/' && $data['old']['path'] != '') $old_folder_path .= '/';
        if(substr($old_folder_path,-1) != '/') $old_folder_path .= '/';
            
        if(substr($data['new']['path'],0,1) == '/') $data['new']['path'] = substr($data['new']['path'],1);
        if(substr($data['new']['path'],-1) == '/') $data['new']['path'] = substr($data['new']['path'],0,-1);
        $new_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['new']['path']);
        if(substr($new_folder_path,-1) != '/' && $data['new']['path'] != '') $new_folder_path .= '/';
        if(substr($new_folder_path,-1) != '/') $new_folder_path .= '/';
        
        //* Check if the resulting path is inside the docroot
        if(stristr($new_folder_path,'..') || stristr($new_folder_path,'./') || stristr($new_folder_path,'\\')) {

 server/plugins-available/nginx_plugin.inc.php

@@ -1105,7 +1105,7 @@
        if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
        if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
        $folder_path = escapeshellcmd($website['document_root'].'/web/'.$folder['path']);
        if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
        if(substr($folder_path,-1) != '/') $folder_path .= '/';
        
        //* Check if the resulting path is inside the docroot
        if(stristr($folder_path,'..') || stristr($folder_path,'./') || stristr($folder_path,'\\')) {
@@ -1163,7 +1163,7 @@
        
        $folder_id = $data['old']['web_folder_id'];
        
        $folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));
        $folder = $data['old'];
        $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));
        
        if(!is_array($folder) or !is_array($website)) {
@@ -1175,7 +1175,7 @@
        if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
        if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
        $folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
        if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
        if(substr($folder_path,-1) != '/') $folder_path .= '/';
        
        //* Check if the resulting path is inside the docroot
        if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
@@ -1209,12 +1209,12 @@
        if(substr($data['old']['path'],0,1) == '/') $data['old']['path'] = substr($data['old']['path'],1);
        if(substr($data['old']['path'],-1) == '/') $data['old']['path'] = substr($data['old']['path'],0,-1);
        $old_folder_path = realpath($website['document_root'].'/web/'.$data['old']['path']);
        if(substr($old_folder_path,-1) != '/' && $data['old']['path'] != '') $old_folder_path .= '/';
        if(substr($old_folder_path,-1) != '/') $old_folder_path .= '/';
            
        if(substr($data['new']['path'],0,1) == '/') $data['new']['path'] = substr($data['new']['path'],1);
        if(substr($data['new']['path'],-1) == '/') $data['new']['path'] = substr($data['new']['path'],0,-1);
        $new_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['new']['path']);
        if(substr($new_folder_path,-1) != '/' && $data['new']['path'] != '') $new_folder_path .= '/';
        if(substr($new_folder_path,-1) != '/') $new_folder_path .= '/';
        
        //* Check if the resulting path is inside the docroot
        if(stristr($new_folder_path,'..') || stristr($new_folder_path,'./') || stristr($new_folder_path,'\\')) {

			@@ -1305,7 +1305,7 @@
			if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
			if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
			$folder_path = escapeshellcmd($website['document_root'].'/web/'.$folder['path']);
			if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
			if(substr($folder_path,-1) != '/') $folder_path .= '/';

			//* Check if the resulting path is inside the docroot
			if(stristr($folder_path,'..') \|\| stristr($folder_path,'./') \|\| stristr($folder_path,'\\')) {
			@@ -1381,7 +1381,7 @@
			if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
			if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
			$folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
			if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
			if(substr($folder_path,-1) != '/') $folder_path .= '/';

			//* Check if the resulting path is inside the docroot
			if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
			@@ -1417,12 +1417,12 @@
			if(substr($data['old']['path'],0,1) == '/') $data['old']['path'] = substr($data['old']['path'],1);
			if(substr($data['old']['path'],-1) == '/') $data['old']['path'] = substr($data['old']['path'],0,-1);
			$old_folder_path = realpath($website['document_root'].'/web/'.$data['old']['path']);
			if(substr($old_folder_path,-1) != '/' && $data['old']['path'] != '') $old_folder_path .= '/';
			if(substr($old_folder_path,-1) != '/') $old_folder_path .= '/';

			if(substr($data['new']['path'],0,1) == '/') $data['new']['path'] = substr($data['new']['path'],1);
			if(substr($data['new']['path'],-1) == '/') $data['new']['path'] = substr($data['new']['path'],0,-1);
			$new_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['new']['path']);
			if(substr($new_folder_path,-1) != '/' && $data['new']['path'] != '') $new_folder_path .= '/';
			if(substr($new_folder_path,-1) != '/') $new_folder_path .= '/';

			//* Check if the resulting path is inside the docroot
			if(stristr($new_folder_path,'..') \|\| stristr($new_folder_path,'./') \|\| stristr($new_folder_path,'\\')) {

			@@ -1105,7 +1105,7 @@
			if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
			if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
			$folder_path = escapeshellcmd($website['document_root'].'/web/'.$folder['path']);
			if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
			if(substr($folder_path,-1) != '/') $folder_path .= '/';

			//* Check if the resulting path is inside the docroot
			if(stristr($folder_path,'..') \|\| stristr($folder_path,'./') \|\| stristr($folder_path,'\\')) {
			@@ -1163,7 +1163,7 @@

			$folder_id = $data['old']['web_folder_id'];

			$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));
			$folder = $data['old'];
			$website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));

			if(!is_array($folder) or !is_array($website)) {
			@@ -1175,7 +1175,7 @@
			if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
			if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
			$folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
			if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
			if(substr($folder_path,-1) != '/') $folder_path .= '/';

			//* Check if the resulting path is inside the docroot
			if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
			@@ -1209,12 +1209,12 @@
			if(substr($data['old']['path'],0,1) == '/') $data['old']['path'] = substr($data['old']['path'],1);
			if(substr($data['old']['path'],-1) == '/') $data['old']['path'] = substr($data['old']['path'],0,-1);
			$old_folder_path = realpath($website['document_root'].'/web/'.$data['old']['path']);
			if(substr($old_folder_path,-1) != '/' && $data['old']['path'] != '') $old_folder_path .= '/';
			if(substr($old_folder_path,-1) != '/') $old_folder_path .= '/';

			if(substr($data['new']['path'],0,1) == '/') $data['new']['path'] = substr($data['new']['path'],1);
			if(substr($data['new']['path'],-1) == '/') $data['new']['path'] = substr($data['new']['path'],0,-1);
			$new_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['new']['path']);
			if(substr($new_folder_path,-1) != '/' && $data['new']['path'] != '') $new_folder_path .= '/';
			if(substr($new_folder_path,-1) != '/') $new_folder_path .= '/';

			//* Check if the resulting path is inside the docroot
			if(stristr($new_folder_path,'..') \|\| stristr($new_folder_path,'./') \|\| stristr($new_folder_path,'\\')) {