@@ -6,6 +6,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||
|
||||
## [Unreleased]
|
||||
|
||||
## [3.1.39] - 2021-02-17
|
||||
|
||||
### Security
|
||||
- Prevent access to `$smarty.template_object` in sandbox mode
|
||||
- Fixed code injection vulnerability by using illegal function names in `{function name='blah'}{/function}`
|
||||
|
||||
## [3.1.38] - 2021-01-08
|
||||
|
||||
### Fixed
|
||||
|
||||
0
Sources/webAduc/www/vendor/smarty/smarty/expectException
vendored
Normal file
0
Sources/webAduc/www/vendor/smarty/smarty/expectException
vendored
Normal file
@@ -111,7 +111,7 @@ class Smarty extends Smarty_Internal_TemplateBase
|
||||
/**
|
||||
* smarty version
|
||||
*/
|
||||
const SMARTY_VERSION = '3.1.38';
|
||||
const SMARTY_VERSION = '3.1.39';
|
||||
/**
|
||||
* define variable scopes
|
||||
*/
|
||||
|
||||
@@ -58,6 +58,11 @@ class Smarty_Internal_Compile_Function extends Smarty_Internal_CompileBase
|
||||
}
|
||||
unset($_attr[ 'nocache' ]);
|
||||
$_name = trim($_attr[ 'name' ], '\'"');
|
||||
|
||||
if (!preg_match('/^[a-zA-Z0-9_\x80-\xff]+$/', $_name)) {
|
||||
$compiler->trigger_template_error("Function name contains invalid characters: {$_name}", null, true);
|
||||
}
|
||||
|
||||
$compiler->parent_compiler->tpl_function[ $_name ] = array();
|
||||
$save = array(
|
||||
$_attr, $compiler->parser->current_buffer, $compiler->template->compiled->has_nocache_code,
|
||||
|
||||
@@ -81,6 +81,10 @@ class Smarty_Internal_Compile_Private_Special_Variable extends Smarty_Internal_C
|
||||
case 'template':
|
||||
return 'basename($_smarty_tpl->source->filepath)';
|
||||
case 'template_object':
|
||||
if (isset($compiler->smarty->security_policy)) {
|
||||
$compiler->trigger_template_error("(secure mode) template_object not permitted");
|
||||
break;
|
||||
}
|
||||
return '$_smarty_tpl';
|
||||
case 'current_dir':
|
||||
return 'dirname($_smarty_tpl->source->filepath)';
|
||||
|
||||