Project

General

Profile

Actions
Copy link

Bug #78737

closed

TCA select fileFolder scans whole filesystem upon invalid given path

Added by Anja Leichsenring about 8 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Should have
Assignee:
Anja Leichsenring
Category:
-
Target version:
-
Start date:
2016-11-17
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
8
PHP Version:
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

I just managed to make TYPO3 scan my complete file system for icons to include into a select field. -.-

Situation:

 'field' => [
            'config' => [
                'type' => 'select',
                'renderType' => 'selectSingle',
                'maxitems' => 1,
                'items' => [
                    ['', 0],
                ],
                'fileFolder' => 'EXT:my_ext/Resources/Public/Icons/',
                'fileFolder_extList' => 'svg',
                'fileFolder_recursions' => 0,
            ],
        ],

Resulting in the exception: #1476107295: PHP Warning: scandir(/boot/efi): failed to open dir: Permission denied in ....

In fact, nothing bad happened, thanks to the permission violation, but still this is not really helpful to find the source of the error.

The problem is a missing check in sysext/backend/Classes/Form/FormDataProvider/AbstractItemProvider.php line 372, where a / is addad after an rtrim on the filepath, might it be empty or not.

Actions
Copy link
 #1

Updated by Anja Leichsenring about 8 years ago

  • Description updated (diff)
Actions
Copy link
 #2

Updated by Gerrit Code Review about 8 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50699

Actions
Copy link
 #3

Updated by Gerrit Code Review about 8 years ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50699

Actions
Copy link
 #4

Updated by Gerrit Code Review about 8 years ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50699

Actions
Copy link
 #5

Updated by Anja Leichsenring about 8 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions
Copy link
 #6

Updated by Gerrit Code Review about 8 years ago

  • Status changed from Resolved to Under Review

Patch set 1 for branch TYPO3_7-6 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50712

Actions
Copy link
 #7

Updated by Gerrit Code Review about 8 years ago

Patch set 2 for branch TYPO3_7-6 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/50712

Actions
Copy link
 #8

Updated by Anja Leichsenring about 8 years ago

  • Status changed from Under Review to Resolved
Actions
Copy link
 #9

Updated by Benni Mack about 6 years ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF