Bug #61295
closed
calculateBasePath of LocalDriver does not properly sanitize value
100%
Description
The method "calculateBasePath" of Resource/Driver/LocalDriver.php does not properly sanitize the passed value. It misses to use the return value of "canonicalizeAndCheckFilePath".
This would result in problems when using "/fileadmin/" as "Base path" in a sys_file_storage record being set to "relative".
It would also not remove the "/../" of a sys_file_storage base path like "/var/www/mysite/fileadmin/../../somewhereelse/" when being set to absolute.
Patch with unit tests sent to gerrit.
Updated by Gerrit Code Review about 10 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/32548
Updated by Gerrit Code Review about 10 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/32548
Updated by Gerrit Code Review about 10 years ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/32548
Updated by Gerrit Code Review about 10 years ago
Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/32548
Updated by Gerrit Code Review about 10 years ago
Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/32548
Updated by Gerrit Code Review about 10 years ago
Patch set 1 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/32889
Updated by Anonymous about 10 years ago
- Status changed from Under Review to Resolved
- % Done changed from 80 to 100
Applied in changeset 0d5a3c0379d5fc6c208cf267b8b23993cd2b6a55.
Updated by