MDL-33430 Make file_storage::unpack_reference() more picky on what it gets
authorDavid Mudrák <david@moodle.com>
Wed, 20 Jun 2012 09:48:42 +0000 (11:48 +0200)
committerDavid Mudrák <david@moodle.com>
Wed, 20 Jun 2012 23:32:24 +0000 (01:32 +0200)
lib/filestorage/file_storage.php

index fd9f63c..933c5c3 100644 (file)
@@ -1659,7 +1659,14 @@ class file_storage {
      * @return array
      */
     public static function unpack_reference($str, $cleanparams = false) {
-        $params = unserialize(base64_decode($str));
+        $decoded = base64_decode($str, true);
+        if ($decoded === false) {
+            throw new file_reference_exception(null, $str, null, null, 'Invalid base64 format');
+        }
+        $params = @unserialize($decoded); // hide E_NOTICE
+        if ($params === false) {
+            throw new file_reference_exception(null, $decoded, null, null, 'Not an unserializeable value');
+        }
         if (is_array($params) && $cleanparams) {
             $params = array(
                 'component' => is_null($params['component']) ? ''   : clean_param($params['component'], PARAM_COMPONENT),