[ticket/17141] Ensure correction is newer below 0

PHPBB3-17141

phpBB/phpbb/path_helper.php

@@ -236,7 +236,7 @@ class path_helper
 
 		// Prepend ../ to the phpbb_root_path as many times as / exists in path_info
 		$this->web_root_path = $this->filesystem->clean_path(
-			'./' . str_repeat('../', $corrections) . $this->phpbb_root_path
+			'./' . str_repeat('../', max(0, $corrections)) . $this->phpbb_root_path
 		);
 		return $this->web_root_path;
 	}
@@ -264,7 +264,7 @@ class path_helper
 				$relative_referer_path = substr($relative_referer_path, 0, $has_params);
 			}
 			$corrections = substr_count($relative_referer_path, '/');
-			return $this->phpbb_root_path . str_repeat('../', $corrections - 1);
+			return $this->phpbb_root_path . str_repeat('../', max(0, $corrections - 1));
 		}
 
 		// If not, it's a bit more complicated. We go to the parent directory

tests/path_helper/path_helper_test.php

@@ -59,25 +59,25 @@ class phpbb_path_helper_test extends phpbb_test_case
 		$filesystem = new \phpbb\filesystem\filesystem();
 		$this->set_phpbb_root_path($filesystem);
 
-		return array(
-			array(
+		return [
+			[
 				'http://www.test.com/test.php',
 				'http://www.test.com/test.php',
 				'/',
-			),
-			array(
+			],
+			[
 				$this->phpbb_root_path . 'test.php',
 				$this->phpbb_root_path . 'test.php',
-			),
-			array(
+			],
+			[
 				'test.php',
 				'test.php',
-			),
-			array(
+			],
+			[
 				$this->phpbb_root_path . $this->phpbb_root_path . 'test.php',
 				$filesystem->clean_path($this->phpbb_root_path . $this->phpbb_root_path . 'test.php'),
-			),
-		);
+			],
+		];
 	}
 
 	/**
@@ -158,6 +158,13 @@ class phpbb_path_helper_test extends phpbb_test_case
 				'/phpbb3-fork/phpBB/app.php',
 				'',
 			),
+			array(
+				'./../'.$this->phpbb_root_path . 'test.php',
+				'',
+				'/phpbb3-fork/phpBB/foo',
+				'/phpbb3-fork/phpBB/app.php',
+				'',
+			),
 		);
 	}
 
@@ -393,63 +400,78 @@ class phpbb_path_helper_test extends phpbb_test_case
 
 	public function get_web_root_path_from_ajax_referer_data()
 	{
-		return array(
-			array(
+		return [
+			[
 				'http://www.phpbb.com/community/route1/route2/',
 				'http://www.phpbb.com/community',
 				'../../',
-			),
-			array(
+			],
+			[
+				'http://www.phpbb.com/community/route1/route2/?f=9',
+				'http://www.phpbb.com/community',
+				'../../',
+			],
+			[
 				'http://www.phpbb.com/community/route1/route2',
 				'http://www.phpbb.com/community',
 				'../',
-			),
-			array(
+			],
+			[
 				'http://www.phpbb.com/community/route1',
 				'http://www.phpbb.com/community',
 				'',
-			),
-			array(
+			],
+			[
 				'http://www.phpbb.com/community/',
 				'http://www.phpbb.com/community',
 				'',
-			),
-			array(
+			],
+			[
 				'http://www.phpbb.com/notcommunity/route1/route2/',
 				'http://www.phpbb.com/community',
 				'../../../community/',
-			),
-			array(
+			],
+			[
+				'http://www.phpbb.com/notcommunity/route1/route2/?f=9',
+				'http://www.phpbb.com/community',
+				'../../../community/',
+			],
+			[
 				'http://www.phpbb.com/notcommunity/route1/route2',
 				'http://www.phpbb.com/community',
 				'../../community/',
-			),
-			array(
+			],
+			[
 				'http://www.phpbb.com/notcommunity/route1',
 				'http://www.phpbb.com/community',
 				'../community/',
-			),
-			array(
+			],
+			[
 				'http://www.phpbb.com/notcommunity/',
 				'http://www.phpbb.com/community',
 				'../community/',
-			),
-			array(
+			],
+			[
 				'http://www.phpbb.com/foobar',
 				'http://www.phpbb.com',
 				'',
-			),
-			array(
+			],
+			[
 				'http://www.foobar.com',
 				'http://www.phpbb.com',
 				'/www.phpbb.com/',
-			),
-			array(
+			],
+			[
 				'foobar',
 				'http://www.phpbb.com/community',
 				'',
-			)
-		);
+			],
+			[
+				'https://www.phpbb.com',
+				'https://www.phpbb.com',
+				''
+			]
+		];
 	}
 
 	/**