author | Michal Čihař <michal@cihar.com> | 2016-07-12 13:47:35 +0300 |
committer | Michal Čihař <michal@cihar.com> | 2016-07-12 13:47:35 +0300 |
commit | ab05803a4257c12ee75c3cf1cbc941b3ab1dcf7e (patch) | |
tree | e19df9030ab9c65af5bffe8a910f0c0f528d9c0d /import.php | |
parent | 41684ff1a1fe2380c93fc3a0bf2d68ceb81b55e5 (diff) |
Do not allow symlinks in UploadDir
Signed-off-by: Michal Čihař <michal@cihar.com>
Diffstat (limited to 'import.php')
-rw-r--r-- | import.php | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/import.php b/import.php
index d21c13af3e..90b15554b9 100644
--- a/import.php
+++ b/import.php
@@ -123,7 +123,7 @@ if ($_POST == array() && $_GET == array()) {
 */
 if (! in_array(
- $format,
+ $format,
 array(
 'csv',
 'ldi',
@@ -338,6 +338,15 @@ if (! empty($local_import_file) && ! empty($cfg['UploadDir'])) {
 $import_file = PMA_Util::userDir($cfg['UploadDir']) . $local_import_file;
+ /*
+ * Do not allow symlinks to avoid security issues
+ * (user can create symlink to file he can not access,
+ * but phpMyAdmin can).
+ */
+ if (is_link($import_file)) {
+ $import_file = 'none';
+ }
+
 } elseif (empty($import_file) || ! is_uploaded_file($import_file)) {
 $import_file = 'none';
 } |
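Review bot: The added `is_link($import_file)` check in the second hunk only inspects the final path component, so a symlinked directory inside UploadDir (or any symlink in an intermediate component of `$local_import_file`) still passes and the stated goal of the commit is only partly met. Resolving the path with `realpath()` and requiring the result to stay under the resolved UploadDir covers both the file itself and its parents, and also rejects paths that realpath cannot resolve; whether `$local_import_file` is already constrained elsewhere (e.g. against `..`) is not visible here, so this is defence in depth rather than a replacement for that. Note that any such check remains check-then-use against the later open of `$import_file`, which the note below the comment could mention. The enclosing `if (! empty($local_import_file) && ! empty($cfg['UploadDir']))` block begins before this hunk.

```php
    $import_file = PMA_Util::userDir($cfg['UploadDir']) . $local_import_file;
    /* … unchanged: symlink comment … */
    $upload_dir = realpath(PMA_Util::userDir($cfg['UploadDir']));
    $real_file = realpath($import_file);
    if (is_link($import_file)
        || $upload_dir === false
        || $real_file === false
        || strpos($real_file, $upload_dir . DIRECTORY_SEPARATOR) !== 0
    ) {
        $import_file = 'none';
    }
```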