normalize path in appendOpenBasedirPath() after empty check as this results in an assert in makeCorrectDir()

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2016-02-01 09:35:31 +01:00
parent a3032fc62a
commit 5228e0f3d6
1 changed files with 36 additions and 36 deletions
--- a/lib/functions/validate/function.appendOpenbasedirPath.php
+++ b/lib/functions/validate/function.appendOpenbasedirPath.php
@@ -19,42 +19,42 @@
 * checks give path for security issues
 * and returns a string that can be appended
 * to a line for a open_basedir directive
- * 
- * @param string  $path  the path to check and append
- * @param boolean $first if true, no ':' will be prefixed to the path
- * 
+ *
+ * @param string $path
+ *            the path to check and append
+ * @param boolean $first
+ *            if true, no ':' will be prefixed to the path
+ *            
 * @return string
 */
-function appendOpenBasedirPath($path = '', $first = false) {
-
-	$path = makeCorrectDir($path);
-
-	// check for php-version that requires the trailing
-	// slash to be removed as it does not allow the usage
-	// of the subfolders within the given folder, fixes #797
-	if ((PHP_MINOR_VERSION == 2 && PHP_VERSION_ID >= 50216)
-		|| PHP_VERSION_ID >= 50304
-	) {
-		// check trailing slash
-		if (substr($path, -1, 1) == '/') {
-			// remove it
-			$path = substr($path, 0, -1);
-		}
-	}
-
-	if($path != ''
-		&& $path != '/'
-		&& (!preg_match("#^/dev#i", $path) || preg_match("#^/dev/urandom#i", $path))
-		&& !preg_match("#^/proc#i", $path)
-		&& !preg_match("#^/etc#i", $path)
-		&& !preg_match("#^/sys#i", $path)
-		&& !preg_match("#:#", $path)
-	) {
-		if ($first) {
-			return $path;
-		}
-
-		return ':' . $path;
-	}
-	return '';
+function appendOpenBasedirPath($path = '', $first = false)
+{
+    if ($path != '' && $path != '/'
+        && (! preg_match("#^/dev#i", $path) || preg_match("#^/dev/urandom#i", $path))
+        && ! preg_match("#^/proc#i", $path)
+        && ! preg_match("#^/etc#i", $path)
+        && ! preg_match("#^/sys#i", $path)
+        && ! preg_match("#:#", $path)
+    ) {
+        
+        $path = makeCorrectDir($path);
+        
+        // check for php-version that requires the trailing
+        // slash to be removed as it does not allow the usage
+        // of the subfolders within the given folder, fixes #797
+        if ((PHP_MINOR_VERSION == 2 && PHP_VERSION_ID >= 50216) || PHP_VERSION_ID >= 50304) {
+            // check trailing slash
+            if (substr($path, - 1, 1) == '/') {
+                // remove it
+                $path = substr($path, 0, - 1);
+            }
+        }
+        
+        if ($first) {
+            return $path;
+        }
+        
+        return ':' . $path;
+    }
+    return '';
 }