From c08bcbfa722d758d01975799b7036951eb5d33cb Mon Sep 17 00:00:00 2001
From: nao-pon
Date: Mon, 1 Nov 2021 23:04:20 +0900
Subject: [PATCH] [VD:LocalFileSystem] fix #3429 RCE on Windows server

---
 php/elFinderVolumeLocalFileSystem.class.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/php/elFinderVolumeLocalFileSystem.class.php b/php/elFinderVolumeLocalFileSystem.class.php
index b3bb551796..c1a022fe9e 100644
--- a/php/elFinderVolumeLocalFileSystem.class.php
+++ b/php/elFinderVolumeLocalFileSystem.class.php
@@ -81,6 +81,13 @@ public function __construct()
 $this->options['keepTimestamp'] = array('copy', 'move'); // keep timestamp at inner filesystem allowed 'copy', 'move' and 'upload'
 $this->options['substituteImg'] = true; // support substitute image with dim command
 $this->options['statCorrector'] = null; // callable to correct stat data `function(&$stat, $path, $statOwner, $volumeDriveInstance){}`
+ if (DIRECTORY_SEPARATOR === '/') {
+ // Linux
+ $this->options['acceptedName'] = '/^[^\.\/\x00][^\/\x00]*$/';
+ } else {
+ // Windows
+ $this->options['acceptedName'] = '/^[^\.\/\x00\\\:*?"<>|][^\/\x00\\\:*?"<>|]*$/';
+ }
 }
 
 /*********************************************************************/
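Review bot: The Windows pattern on the `else` branch still accepts names that the Win32 path layer rewrites before they reach NTFS — trailing dots and spaces are silently stripped (so `shell.php.` or `shell.php ` is created as `shell.php`), the control characters `\x01`-`\x1f` are rejected by the filesystem but pass the class, and reserved device names (`CON`, `NUL`, `COM1`…, with any extension) are not filtered; if the #3429 bypass relied on extension checks, the trailing-dot/space case in particular reopens it. A tighter default would be `$this->options['acceptedName'] = '/^[^\.\/\x00-\x1f\\\:*?"<>|][^\/\x00-\x1f\\\:*?"<>|]*(?<![ .])$/';`, with a case-insensitive negative lookahead for the device names if you want to cover those too. The `// Linux` comment is also misleading: `DIRECTORY_SEPARATOR === '/'` is true on every non-Windows platform, so `// POSIX (Linux, macOS, BSD)` is the accurate label. Note that the first branch rejects every leading-dot name (e.g. `.htaccess`), which is a behavior change on non-Windows hosts not mentioned in the commit message; if it is intentional a one-line comment saying so would help. `__construct()` continues outside the hunk, so whether user-supplied `acceptedName` options override these defaults cannot be confirmed from here.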