
Fix for possible remote file inclusion

jangliss 20 years ago
parent
commit
3a87bdb881
2 changed files with 7 additions and 3 deletions
  1. 3 1
      ChangeLog
  2. 4 2
      src/webmail.php

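--- a/ChangeLog
+++ b/ChangeLog
@@ -180,12 +180,14 @@ Version 1.5.1 -- CVS
   - Max upload file size now correctly handles a '-1' value, meaning
     unlimited. (#1094569).
   - Security: Added hook for Preferences Backend to resolve potential
-    file inclusions. [CAN-2005-0075] 
+    file inclusions. [CAN-2005-0075]
   - Remove Printer Friendly Clean Display config option, the cleaning
     is now always done.
   - Create new Options section "Compose Preferences" and move some
     options from Display Preferences there; also move some around within
     Display Preferences.
+  - Security: Fix possible file/offsite inclusion in src/webmail.php.
+    [CAN-2005-0075]
 
 Version 1.5.0
 --------------------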

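--- a/src/webmail.php
+++ b/src/webmail.php
@@ -129,9 +129,11 @@ else {
  * This was done to create a pure HTML way of refreshing the folder list since
  * we would like to use as little Javascript as possible.
  */
-if (!isset($right_frame)) {
+
+if (empty($right_frame) || (strpos(urldecode($right_frame), '://'))) {
     $right_frame = '';
 }
+
 if ($right_frame == 'right_main.php') {
     $urlMailbox = urlencode($mailbox);
     $right_frame_url =
@@ -166,4 +168,4 @@ if($ret != '') {
 echo $output;
 ?>
 </frameset>
-</html>
+</html>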
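Review bot: The `strpos()` result on the new `if` line is used as a boolean, so a decoded `$right_frame` whose `://` sits at offset 0 returns `0`, which is falsy and leaves the value in place instead of resetting it; compare the result explicitly, `if (empty($right_frame) || strpos(urldecode($right_frame), '://') !== false) {`. Since the chain that begins with `if ($right_frame == 'right_main.php')` already enumerates the local pages this variable may name (it continues past the end of the hunk), a more robust shape is to reset `$right_frame` to `''` unless it equals one of those names, so the protection no longer depends on recognising a scheme separator in the input. A short comment on the guard would also record its purpose for later readers: `// Reset to the default unless $right_frame names a local page; prevents off-site inclusion (CAN-2005-0075)`.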