Project

General

Profile

Actions

Bug #59303

closed

Retrieving resources with relative links is messy

Added by Nils Blattner over 10 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2014-06-03
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
6.2
PHP Version:
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

Hi

The use case is the following:

1) TYPO3 6.2.x installed with symlinks
ls -lah:
... index.php -> typo3_src/index.php
... typo3 -> typo3_src/typo3
... typo3_src -> typo3_src-6.2.3
... typo3_src-6.2.3

2) t3skin installed locally to fix some issues with templavoila

If I open the about module, I get an exception: "#1314516810: File /typo3conf/ext/t3skin/icons/gfx/typo3logo.gif/ does not exist."

The reason behind this is, that the about module tries to get the typo3logo.gif and tries to find it in typo3/, which is resolved to "../typo3/../typo3conf/ext/t3skin/icons/gfx/typo3logo.gif" by \TYPO3\CMS\Backend\Utility\IconUtility::skinImg().
=> This path would be correct, if not for the symlink structure
=> Because of the symlink this path now points (on the system level) at "typo3_src-6.2.3/typo3/../typo3conf/ext/t3skin/icons/gfx/typo3logo.gif" or "typo3_src-6.2.3/typo3conf/ext/t3skin/icons/gfx/typo3logo.gif" which does not exist

In \TYPO3\CMS\Core\Resource\ResourceFactory on line 462

} elseif (@is_file(PATH_site . $input)) {

does not find the file and defaults to creating a folder, which does not exist aswell.

In order to fix this globally, the ResourceFactory should manually resolve any "/./" or "/../". Otherwise this issue will arise in other locally installed system extensions. Also I can think of some scenarios, where this could potentially be a security issue (e.g. if the TYPO3 source is installed in an external folder on the same level with sensitive data).

Patch will be attached.

Cheers Nils


Files

bug_59303.diff (1.01 KB) bug_59303.diff Nils Blattner, 2014-06-03 11:22
Actions

Also available in: Atom PDF