From d33753014c91f8a1916656952c8294128fca3462 Mon Sep 17 00:00:00 2001
From: thisgun
Date: Fri, 6 Sep 2019 12:28:27 +0900
Subject: [PATCH] =?UTF-8?q?[KVE-2019-1162]=EC=9E=84=EC=9D=98=20=EB=AA=85?= =?UTF-8?q?=EB=A0=B9=EC=96=B4=20=EC=8B=A4=ED=96=89=20=EC=B7=A8=EC=95=BD?= =?UTF-8?q?=EC=A0=90=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 lib/common.lib.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/common.lib.php b/lib/common.lib.php
index 6f9d0e906..3546358ef 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@@ -3561,12 +3561,15 @@ function is_include_path_check($path='', $is_input='')
 if( preg_match('/\/data\/(file|editor|qa|cache|member|member_image|session|tmp)\/[A-Za-z0-9_]{1,20}\//i', $replace_path) ){
 return false;
 }
-if( (preg_match('/\.\.\//i', $replace_path) || preg_match('/^\/.*/i', $replace_path)) && preg_match('/plugin\//i', $replace_path) && preg_match('/okname\//i', $replace_path) ){
+if( preg_match('/'.G5_PLUGIN_DIR.'\//i', $replace_path) && (preg_match('/'.G5_OKNAME_DIR.'\//i', $replace_path) || preg_match('/'.G5_KCPCERT_DIR.'\//i', $replace_path) || preg_match('/'.G5_LGXPAY_DIR.'\//i', $replace_path)) ){
 return false;
 }
 if( substr_count($replace_path, './') > 5 ){
 return false;
 }
+if( defined('G5_SHOP_DIR') && preg_match('/'.G5_SHOP_DIR.'\//i', $replace_path) && preg_match('/kcp\//i', $replace_path) ){
+return false;
+}
 }
 $extension = pathinfo($path, PATHINFO_EXTENSION);
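Review bot: The directory constants on the replaced `if` line (G5_PLUGIN_DIR, G5_OKNAME_DIR, G5_KCPCERT_DIR, G5_LGXPAY_DIR) and G5_SHOP_DIR in the added block are concatenated straight into the PCRE pattern, so a value containing a regex metacharacter or the `/` delimiter would break the pattern or match something other than the literal directory name; each should go in as `preg_match('/'.preg_quote(G5_PLUGIN_DIR, '/').'\//i', $replace_path)` and likewise for the others. The added shop check is guarded with `defined('G5_SHOP_DIR')`, but the four constants on the first changed line are used unguarded; if one of them is not defined in a given install, PHP 7 degrades it to the bare constant name with a notice, so the pattern becomes e.g. `/G5_KCPCERT_DIR\//i` and that deny rule silently never matches, while PHP 8 throws an Error out of this path-validation helper. Applying the same `defined()` guard to that line keeps a missing constant from quietly disabling the check rather than failing closed. is_include_path_check begins before and continues after this hunk, so how $replace_path is normalised before these substring checks (case, encoded separators, backslashes) cannot be confirmed from here.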