nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug #703555

Browse Source
This commit is contained in:
Garvin Hicking
2003-03-14 14:06:52 +00:00
parent 4fc9399e7e
commit de86283ad3
3 changed files with 20 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@@ -5,6 +5,11 @@ phpMyAdmin - Changelog
$Id$ $Id$
$Source$ $Source$
2003-03-14 Garvin Hicking <me@supergarv.de>
* libraries/display_tbl.lib.php3, db_details_importdocsql.php3: Fixed
'../' safety issues, display transformations only if file exists
(Bug #703555)
2003-03-14 Robin Johnson <robbat2@users.sourceforge.net> 2003-03-14 Robin Johnson <robbat2@users.sourceforge.net>
* config.inc.php3, libraries/config_import.lib.php3 tbl_change.php3: * config.inc.php3, libraries/config_import.lib.php3 tbl_change.php3:
- Typo fixes: - Typo fixes:

2
db_details_importdocsql.php3
View File

@@ -206,7 +206,7 @@ if (isset($do) && $do == 'import') {
} else { } else {
// echo '<h1>Starting Import</h1>'; // echo '<h1>Starting Import</h1>';
$docpath = $DOCUMENT_ROOT . dirname($PHP_SELF) . '/' . str_replace('../', './', $docpath); $docpath = $DOCUMENT_ROOT . dirname($PHP_SELF) . '/' . eregi_replace('\.\.*', '.', $docpath);
if (substr($docpath, strlen($docpath) - 2, 1) != '/') { if (substr($docpath, strlen($docpath) - 2, 1) != '/') {
$docpath = $docpath . '/'; $docpath = $docpath . '/';
} }

26
libraries/display_tbl.lib.php3
View File

@@ -1046,24 +1046,22 @@ if (!defined('PMA_DISPLAY_TBL_LIB_INCLUDED')) {
if ($GLOBALS['cfgRelation']['mimework'] && $GLOBALS['cfg']['BrowseMIME']) { if ($GLOBALS['cfgRelation']['mimework'] && $GLOBALS['cfg']['BrowseMIME']) {
if (isset($GLOBALS['mime_map'][$meta->name]['mimetype']) && isset($GLOBALS['mime_map'][$meta->name]['transformation'])) { if (isset($GLOBALS['mime_map'][$meta->name]['mimetype']) && isset($GLOBALS['mime_map'][$meta->name]['transformation']) && !empty($GLOBALS['mime_map'][$meta->name]['transformation'])) {
// garvin: for security, never allow to break out from transformations directory // garvin: for security, never allow to break out from transformations directory
$include_file = eregi_replace('^[\./]*(.*)', '\1', $GLOBALS['mime_map'][$meta->name]['transformation']); $include_file = eregi_replace('\.\.*', '.', $GLOBALS['mime_map'][$meta->name]['transformation']);
$transformfunction_name = str_replace('.inc.php3', '', $GLOBALS['mime_map'][$meta->name]['transformation']); if (file_exists('./libraries/transformations/' . $include_file)) {
$transformfunction_name = str_replace('.inc.php3', '', $GLOBALS['mime_map'][$meta->name]['transformation']);
include('./libraries/transformations/' . $include_file); @include('./libraries/transformations/' . $include_file);
if (defined('PMA_TRANSFORMATION_' . strtoupper($transformfunction_name)) && function_exists('PMA_transformation_' . $transformfunction_name)) { if (defined('PMA_TRANSFORMATION_' . strtoupper($transformfunction_name)) && function_exists('PMA_transformation_' . $transformfunction_name)) {
$transform_function = 'PMA_transformation_' . $transformfunction_name;
$transform_function = 'PMA_transformation_' . $transformfunction_name; $transform_options = PMA_transformation_getOptions((isset($GLOBALS['mime_map'][$meta->name]['transformation_options']) ? $GLOBALS['mime_map'][$meta->name]['transformation_options'] : ''));
$transform_options = PMA_transformation_getOptions((isset($GLOBALS['mime_map'][$meta->name]['transformation_options']) ? $GLOBALS['mime_map'][$meta->name]['transformation_options'] : '')); }
} // end if file_exists
} } // end if transformation is set
} // end if mime/transformation works.
}
}
$transform_options['wrapper_link'] = '?' $transform_options['wrapper_link'] = '?'
. (isset($url_query) ? $url_query : '') . (isset($url_query) ? $url_query : '')