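--- a/trunk/phase3/includes/filerepo/backend/FSFileBackend.php
+++ b/trunk/phase3/includes/filerepo/backend/FSFileBackend.php
@@ -61,13 +61,34 @@
  * @see FileBackendStore::resolveContainerPath()
  */
  protected function resolveContainerPath( $container, $relStoragePath ) {
+ // Check that container has a root directory
  if ( isset( $this->containerPaths[$container] ) || isset( $this->basePath ) ) {
- return $relStoragePath; // container has a root directory
+ // Check for sane relative paths (assume the base paths are OK)
+ if ( $this->isLegalRelPath( $relStoragePath ) ) {
+ return $relStoragePath;
+ }
  }
  return null;
  }
 
  /**
+ * Sanity check a relative file system path for validity
+ *
+ * @param $path string Normalized relative path
+ */
+ protected function isLegalRelPath( $path ) {
+ // Check for file names longer than 255 chars
+ if ( preg_match( '![^/]{256}!', $path ) ) { // ext3/NTFS
+ return false;
+ }
+ if ( wfIsWindows() ) { // NTFS
+ return !preg_match( '![:*?"<>]!', $path );
+ } else {
+ return true;
+ }
+ }
+
+ /**
  * Given the short (unresolved) and full (resolved) name of
  * a container, return the file system path of the container.
  *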
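Review bot: The NTFS branch of `isLegalRelPath()` rejects `:*?"<>` but lets `\` and `|` through. On Windows a backslash is a directory separator, so the 255-character check above it, which splits only on `/`, and any upstream normalization that only understands `/` would not see backslash-delimited components. Consider `return !preg_match( '![:*?"<>|\\\\]!', $path );` unless the caller is known to reject backslashes already, which this hunk does not show. The function also relies on the `Normalized relative path` contract to keep `..` segments out; if that is the intent, state it in the docblock and add `@return bool` there. The docblock opened at the end of the hunk belongs to the next method, whose body lies outside the hunk.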