[PHPBB3-12082] phpbb filesystem removes slashes after scheme of URI if path is out of bounds

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Minor
Resolution: Invalid
Affects Version/s: 3.1.0-dev, 3.1.0-a2
Fix Version/s: 3.1.0-a3
Component/s: Other
Labels:
None

Description

If a URL like

http://localhost/phpbb3/../../../index.php

is supplied to clean_path(), the method removes more slashes than it obviously should. The above URL results in this cleaned path:

http:/index.php

That new, cleaned URL is obviously incorrect and does not follow the URI scheme anymore.
I'm not sure if clean_path shouldn't be used for URLs or if we should just make sure that the slashes after the URI scheme are not removed.

Attachments

Activity

People

Assignee:: Andreas Fischer [X] (Inactive)

Reporter:: Marc

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 21/Dec/13 1:23 PM

Updated:: 21/Dec/13 6:17 PM

Resolved:: 21/Dec/13 6:11 PM