makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-10 21:38:54 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge remote-tracking branch 'github-security/ticket/security-164-alt' into prep-release-3.1.1

Browse source 
* github-security/ticket/security-164-alt:
  [ticket/security-164] Correctly format page_name
  [ticket/security-164] Sanitize all global variables in symfony_request class
This commit is contained in:
Nils Adermann 2014-11-02 00:24:02 +01:00
commit b6a4f83c41
2 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
phpBB/phpbb/session.php
View file

@ -87,7 +87,7 @@ class session
$symfony_request_path = $phpbb_filesystem->clean_path($symfony_request->getPathInfo()); $symfony_request_path = $phpbb_filesystem->clean_path($symfony_request->getPathInfo());
if ($symfony_request_path !== '/') if ($symfony_request_path !== '/')
{ {
$page_name .= $symfony_request_path; $page_name .= str_replace('%2F', '/', urlencode($symfony_request_path));
} }
// current directory within the phpBB root (for example: adm) // current directory within the phpBB root (for example: adm)

3
phpBB/phpbb/symfony_request.php
View file

@ -38,6 +38,9 @@ class symfony_request extends Request
array_walk_recursive($get_parameters, $sanitizer); array_walk_recursive($get_parameters, $sanitizer);
array_walk_recursive($post_parameters, $sanitizer); array_walk_recursive($post_parameters, $sanitizer);
array_walk_recursive($server_parameters, $sanitizer);
array_walk_recursive($files_parameters, $sanitizer);
array_walk_recursive($cookie_parameters, $sanitizer);
parent::__construct($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters); parent::__construct($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters);
} }