From 419dc66832318bef4fcd80f138a1e95f460e8b77 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20D=C3=BCsterhus?=
Date: Tue, 25 Jul 2023 16:32:10 +0200
Subject: [PATCH 1/2] Add FileUtil::extensionAllowsPhpExecution()

see WoltLab/com.woltlab.gallery@708e0a8707508c3e45b08ab6a8ae5083eabf00b7
---
 wcfsetup/install/files/lib/util/FileUtil.class.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/wcfsetup/install/files/lib/util/FileUtil.class.php b/wcfsetup/install/files/lib/util/FileUtil.class.php
index bc8f58f800d..4cc115f82d3 100644
--- a/wcfsetup/install/files/lib/util/FileUtil.class.php
+++ b/wcfsetup/install/files/lib/util/FileUtil.class.php
@@ -739,6 +739,16 @@ public static function getIconNameByFilename($filename)
 return '';
 }
 
+ /**
+ * Returns whether the given $extension might allow for execution of
+ * PHP code and thus must not be used for untrusted files uploaded by
+ * a user.
+ */
+ public function extensionAllowsPhpExecution(string $extension): bool
+ {
+ return !!\preg_match('/^\.?(php[0-9]*|phtml)$/', $extension);
+ }
+
 /**
 * Forbid creation of FileUtil objects.
 */

From 48860b88232c979292cd26cccb63d2c168cfa285 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20D=C3=BCsterhus?=
Date: Fri, 28 Jul 2023 13:57:50 +0200
Subject: [PATCH 2/2] Perform a case-insensitive match in FileUtil::extensionAllowsPhpExecution()

---
 wcfsetup/install/files/lib/util/FileUtil.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/wcfsetup/install/files/lib/util/FileUtil.class.php b/wcfsetup/install/files/lib/util/FileUtil.class.php
index 4cc115f82d3..3a4410f1a2f 100644
--- a/wcfsetup/install/files/lib/util/FileUtil.class.php
+++ b/wcfsetup/install/files/lib/util/FileUtil.class.php
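Review bot: `extensionAllowsPhpExecution()` is added as an instance method (`public function`), yet the hunk header shows the class's other helpers are static (`public static function getIconNameByFilename`) and the context docblock directly below the insertion forbids creating FileUtil objects, so the `FileUtil::extensionAllowsPhpExecution()` call named in the subject line would fail at runtime as a non-static call on PHP 8. Declare it `public static function extensionAllowsPhpExecution(string $extension): bool`; the second patch's hunk carries the same non-static signature and needs the same change. The docblock should also state the contract a caller must honour: the method judges one extension string only, so it has to be applied to every dot-separated segment of an uploaded file name rather than the last one, and it is a deny-list that cannot cover every extension a given web server may route to the PHP interpreter, so an allow-list of the upload types actually intended remains the primary control. The enclosing FileUtil class starts and ends outside the hunk.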
@@ -746,7 +746,7 @@ public static function getIconNameByFilename($filename)
 */
 public function extensionAllowsPhpExecution(string $extension): bool
 {
- return !!\preg_match('/^\.?(php[0-9]*|phtml)$/', $extension);
+ return !!\preg_match('/^\.?(php[0-9]*|phtml)$/i', $extension);
 }
 
 /**
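Review bot: The new `return` line still fails open on a PCRE error: `preg_match()` returns `false` when the engine cannot run the match, and `!!false` then reports the extension as not executable, which is the wrong default for a guard on untrusted uploads. `return \preg_match('/^\.?(php[0-9]*|phtml)$/i', $extension) !== 0;` keeps the case-insensitive match and treats an engine error as "might execute", and also drops the `!!` double negation in favour of an explicit comparison. A one-line comment such as `// Deny-list guard: a failed match attempt must not clear the extension` would record why the non-zero comparison is deliberate. The method is declared non-static in this hunk as well; see the note on the first patch.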