Koha/help.pl
Chris Cormack 8664d19567 Bug 6628 : Stopping a potential vulnerability
Signed-off-by: Frère Sébastien Marie <semarie-koha@latrappe.fr>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
- verified help pages still work
- verified /cgi-bin/koha/help.pl?url=koha/../catalogue/advsearch.pl does not show the template file (did work on master, not after applying patch)
- verified cgi-bin/koha/help.pl?url=koha/../../../../../../etc/passwd%00.pl does not work (didn't work on master or after applying patch)

Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
The potential vulnerability would allow anyone to see the content of any .tt file, and .tt only. It was much less critical than the vulnerability for 6629, but it's worth fixing!
2011-11-28 10:05:58 +01:00


#!/usr/bin/perl
# Copyright 2010 Koha Development team
#
# This file is part of Koha.
#
# Koha is free software; you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with Koha; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
use strict;
use warnings;
use C4::Templates;
use C4::Output;
# use C4::Auth;
use C4::Context;
use CGI;

my $query = CGI->new;

# Find the script that called the online help: prefer the explicit "url"
# parameter and fall back to the CGI referer when it is missing or is the
# literal string "undefined".
our $refer = $query->param('url');
$refer = $query->referer() if !$refer || $refer eq 'undefined';
$refer = '' unless defined $refer;

# The help page name is the script path between "koha/" and ".pl". Guard the
# match so a non-matching referer gives an empty name instead of a stale $1.
my $file = $refer =~ /koha\/(.*)\.pl/ ? $1 : '';

# Bug 6628: whitelist the characters allowed in the name. Everything else is
# stripped, including "." (so "../" cannot survive) and NUL bytes, which keeps
# the lookup inside the help/ template directory.
$file =~ s/[^a-zA-Z0-9_\-\/]*//g;

my $from = "help/$file.tt";
my $template = C4::Templates::gettemplate($from, 'intranet', $query);
$template->param( referer => $refer );
output_html_with_http_headers $query, "", $template->output;
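The following is an added example, not Koha code, that reproduces the path derivation of help.pl with and without the whitelist this commit introduced and runs the two URLs from the sign-off notes through it, so the effect of the fix can be seen as plain strings (`help_template_for` is a hypothetical helper):

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper, not Koha code: build the help template path from the
# "url" value the way help.pl does. With $sanitize false it mirrors the
# pre-patch behaviour; with $sanitize true it applies the whitelist the
# patch added, so the two can be compared side by side.
sub help_template_for {
    my ($refer, $sanitize) = @_;
    # Same extraction as help.pl: the path between "koha/" and ".pl".
    # Return undef explicitly instead of using a stale $1 on no match.
    return undef unless defined $refer && $refer =~ m{koha/(.*)\.pl};
    my $file = $1;
    if ($sanitize) {
        # The patch's whitelist: keep only [A-Za-z0-9_-/]. Dots are dropped,
        # so "../" can never survive; NUL bytes and "%" are dropped as well.
        $file =~ s{[^a-zA-Z0-9_\-/]}{}g;
    }
    return "help/$file.tt";
}

# Make embedded NUL bytes visible when printing.
sub printable {
    my ($s) = @_;
    return 'rejected' unless defined $s;
    $s =~ s/\x00/\\0/g;
    return $s;
}

# Constructed inputs: a normal help lookup plus the two cases from the
# sign-off notes above.
my @cases = (
    '/cgi-bin/koha/catalogue/search.pl',
    '/cgi-bin/koha/../catalogue/advsearch.pl',
    "/cgi-bin/koha/../../../../../../etc/passwd\x00.pl",
);
for my $url (@cases) {
    print 'url:    ', printable($url), "\n";
    print 'before: ', printable( help_template_for($url, 0) ), "\n";
    print 'after:  ', printable( help_template_for($url, 1) ), "\n\n";
}
```

For the second case the "before" column reads `help/../catalogue/advsearch.tt`, which resolves to the intranet template itself, while the "after" column reads `help//catalogue/advsearch.tt`, a name that stays under help/.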