fix for attack via FILES

Marc Delisle
2006-09-29 12:54:34 +00:00
parent 99b37f64b6
commit 9a581ab5d8
2 changed files with 10 additions and 3 deletions


@@ -5,6 +5,10 @@ phpMyAdmin - ChangeLog
$Id$ $Id$
$Source$ $Source$
2006-09-29 Marc Delisle <lem9@users.sourceforge.net>
* libraries/grab_globals.lib.php: fix attack via _FILES,
thanks to Stefan Esser
2006-09-27 Marc Delisle <lem9@users.sourceforge.net> 2006-09-27 Marc Delisle <lem9@users.sourceforge.net>
* libraries/common.lib.php, /session.inc.php, /url_generating.lib.php: * libraries/common.lib.php, /session.inc.php, /url_generating.lib.php:
security fixes (announcement will come later), security fixes (announcement will come later),


@@ -91,9 +91,12 @@ if (! empty($_POST)) {
} }
if (! empty($_FILES)) { if (! empty($_FILES)) {
foreach ($_FILES as $name => $value) { $_valid_variables = preg_replace($GLOBALS['_import_blacklist'], '', array_keys($_FILES));
$$name = $value['tmp_name']; foreach ($_valid_variables as $name) {
${$name . '_name'} = $value['name']; if (strlen($name) != 0) {
$$name = $_FILES[$name]['tmp_name'];
${$name . '_name'} = $_FILES[$name]['name'];
}
} }
unset($name, $value); unset($name, $value);
} }
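Review bot: The blacklist filter is applied only to `$name`, but the second assignment creates `${$name . '_name'}`, a variable name that is never itself checked, so an upload field name that passes the filter can still set a global whose name ends in `_name`. The contents of `$GLOBALS['_import_blacklist']` are not visible here; if any pattern is unanchored, `preg_replace` would return a shortened name rather than an empty one, and `$_FILES[$name]` would then be read for a key that was never submitted. Guarding both cases costs one condition: `if (strlen($name) != 0 && isset($_FILES[$name]) && preg_replace($GLOBALS['_import_blacklist'], '', $name . '_name') === $name . '_name') {`. The trailing `unset($name, $value);` still names `$value`, which the new loop no longer defines, and leaves `$_valid_variables` in global scope; `unset($name, $_valid_variables);` would match the new code.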