[wp-trac] [WordPress Trac] #42016: Validation of filenames (while unzipping) causes unexpected failures
WordPress Trac
noreply at wordpress.org
Wed Oct 25 01:04:33 UTC 2017
#42016: Validation of filenames (while unzipping) causes unexpected failures
----------------------------+--------------------------
Reporter: Ipstenu | Owner: johnbillion
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 4.9
Component: Filesystem API | Version: 4.8.2
Severity: normal | Resolution: fixed
Keywords: has-patch | Focuses:
----------------------------+--------------------------
Comment (by birgire):
ps: I think we can simplify things by using
{{{
if( substr_count( $file, '../' ) > 1 ) {
}}}
instead of
{{{
if ( preg_match_all( '#\.\./#', $file, $matches, PREG_SET_ORDER ) && (
count( $matches ) > 1 ) ) {
}}}
for counting the number of {{{../}}} substrings in {{{$file}}}.
I just tested and this will pass the tests.
@johnbillion - Not sure if I should reopen or create a new ticket.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/42016#comment:19>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list