20220315

3 years ago · 95b19a687b
2 changed files with 9 additions and 3 deletions
--- a/data/update.log
+++ b/data/update.log
@ -62,4 +62,7 @@ CREATE INDEX on_options_key_IDX ON on_options ("key");
				@@ -62,4 +62,7 @@ CREATE INDEX on_options_key_IDX ON on_options ("key");
 20220312
 1. 新增API：根据ID查询单个分类信息
 2. 修复后台编辑链接，分类信息显示不正确
-3. 书签导入时文件名过滤
+3. 书签导入时文件名过滤
+
+20220315
+1. 修复一个任意文件漏洞
--- a/index.php
+++ b/index.php
@ -43,8 +43,11 @@ if((!isset($c)) || ($c == '')){
				@@ -43,8 +43,11 @@ if((!isset($c)) || ($c == '')){

 else{
 	//对请求参数进行过滤，同时检查文件是否存在
-	$c = str_replace('../','',$c);
-	$c = str_replace('./','',$c);
+	$c = str_replace('\\','/',$c);
+	$pattern = "%\./%";
+	if ( preg_match_all($pattern,$c) ) {
+		exit('非法请求!');
+	}
 	//控制器文件
 	$controller_file = "./controller/".$c.'.php';
 	if( file_exists($controller_file) ) {