Security issue: Encoding of GUID in itemcache to avoid directory bypassing with a malificious formatted GUID.

2025-06-17 01:25:21 +02:00 · 2014-09-27 12:49:00 +02:00 · 2014-09-27 12:49:00 +02:00 · 459fc2fabd
commit 459fc2fabd
parent 4ec5974074
5 changed files with 7 additions and 5 deletions
--- a/include/items.php
+++ b/include/items.php
@ -1412,7 +1412,7 @@ function item_store($arr,$force_parent = false, $notify = false) {
 	if (!$deleted) {

 		// Store the fresh generated item into the cache
-		$cachefile = get_cachefile($arr["guid"]."-".hash("md5", $arr['body']));
+		$cachefile = get_cachefile(urlencode($arr["guid"])."-".hash("md5", $arr['body']));

 		if (($cachefile != '') AND !file_exists($cachefile)) {
 			$s = prepare_text($arr['body']);