firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

그누보드 파일 삭제 취약점 17-282 수정

Browse Source
This commit is contained in:
thisgun
2017-06-13 16:06:12 +09:00
parent d755a42530
commit c9e85d3159
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
plugin/editor/cheditor5/imageUpload/delete.php
View File

@ -5,9 +5,9 @@ if(!function_exists('ft_nonce_is_valid')){
include_once('../editor.lib.php');
}
$filesrc = isset($_POST["filesrc"]) ? $_POST["filesrc"] : '';
$filesrc = isset($_POST["filesrc"]) ? preg_replace("/[ #\&\+\-%@=\/\\\:;,\'\"\^`~\_|\!\?\*$#<>()\[\]\{\}]/", "", $_POST["filesrc"]) : '';
if( !$filesrc ){
if( !$filesrc || ! preg_match('=^[^/?*;:{}\\\\]+\.[^/?*;:{}\\\\]+$=', $filesrc) || ! preg_match('/\.(gif|jpe?g|bmp|png)$/i', $filesrc) ){
die( false );
}