MDL-36977 Be more picky when it comes to migrating files in moodle1 backups

author David Mudrák <david@moodle.com>

Mon, 7 Jan 2013 21:21:08 +0000 (22:21 +0100)

committer Dan Poltawski <dan@moodle.com>

Tue, 8 Jan 2013 00:54:29 +0000 (08:54 +0800)
author David Mudrák <david@moodle.com>
Mon, 7 Jan 2013 21:21:08 +0000 (22:21 +0100)
committer Dan Poltawski <dan@moodle.com>
Tue, 8 Jan 2013 00:54:29 +0000 (08:54 +0800)
diff --git a/backup/converter/moodle1/lib.php b/backup/converter/moodle1/lib.php

index 9edda48..3b3fd4a 100644 (file)
--- a/backup/converter/moodle1/lib.php
+++ b/backup/converter/moodle1/lib.php
@@ -641,7 +641,9 @@ class moodle1_converter extends base_converter {
          }
          foreach ($matches[2] as $match) {
              $file = str_replace(array('$@FILEPHP@$', '$@SLASH@$', '$@FORCEDOWNLOAD@$'), array('', '/', ''), $match);
-            $files[] = rawurldecode($file);
+            if ($file === clean_param($file, PARAM_PATH)) {
+                $files[] = rawurldecode($file);
+            }
          }
  
          return array_unique($files);
@@ -1209,6 +1211,10 @@ class moodle1_file_manager implements loggable {
  
          $sourcefullpath = $this->basepath.'/'.$sourcepath;
  
+        if ($sourcefullpath !== clean_param($sourcefullpath, PARAM_PATH)) {
+            throw new moodle1_convert_exception('file_invalid_path', $sourcefullpath);
+        }
+
          if (!is_readable($sourcefullpath)) {
              throw new moodle1_convert_exception('file_not_readable', $sourcefullpath);
          }
author	David Mudrák <david@moodle.com>
	Mon, 7 Jan 2013 21:21:08 +0000 (22:21 +0100)
committer	Dan Poltawski <dan@moodle.com>
	Tue, 8 Jan 2013 00:54:29 +0000 (08:54 +0800)