LFI to RCE 취약점 수정

2017-02-06 20:00:18 +09:00
parent ce03af265e
commit ed957cf6b3
7 changed files with 51 additions and 10 deletions
--- a/bbs/content.php
+++ b/bbs/content.php
@ -19,7 +19,7 @@ if (!$co['co_id'])

 $g5['title'] = $co['co_subject'];

-if ($co['co_include_head'])
+if (is_include_path_check($co['co_include_head']))
    @include_once($co['co_include_head']);
 else
    include_once('./_head.php');
@ -85,7 +85,7 @@ if(is_file($skin_file)) {
    echo '<p>'.str_replace(G5_PATH.'/', '', $skin_file).'이 존재하지 않습니다.</p>';
 }

-if ($co['co_include_tail'])
+if (is_include_path_check($co['co_include_tail']))
    @include_once($co['co_include_tail']);
 else
    include_once('./_tail.php');