[Patches] [PATCH] [SIGNED-OFF] Bug 6628 : Stopping a potential vulnerability

koha-patchbot at kohaaloha.com koha-patchbot at kohaaloha.com
Mon Nov 28 20:45:03 NZDT 2011


From: Chris Cormack <chrisc at catalyst.net.nz>
Date: Sat, 26 Nov 2011 07:39:51 +1300
Subject: [PATCH] [SIGNED-OFF] Bug 6628 : Stopping a potential vulnerability
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Frère Sébastien Marie <semarie-koha at latrappe.fr>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83 at web.de>
- verified help pages still work
- verified /cgi-bin/koha/help.pl?url=koha/../catalogue/advsearch.pl does not
show the template file (did work on master, not after applying patch)
- verified cgi-bin/koha/help.pl?url=koha/../../../../../../etc/passwd%00.pl does not work (didn't work on master or after applying patch)
---
 help.pl |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/help.pl b/help.pl
index 18d27dd..97f3462 100755
--- a/help.pl
+++ b/help.pl
@@ -32,7 +32,9 @@ our $refer = $query->param('url');
 $refer = $query->referer()  if !$refer || $refer eq 'undefined';
 
 $refer =~ /koha\/(.*)\.pl/;
-my $from = "help/$1.tt";
+my $file = $1;
+$file =~ s/[^a-zA-Z0-9_\-\/]*//g;
+my $from = "help/$file.tt";
 
 my $template = C4::Templates::gettemplate($from, 'intranet', $query);
 $template->param( referer => $refer );
-- 
1.7.5.4


More information about the Patches mailing list