
Commit 4fe8611

committed
Sanitize file inputs
1 parent afd42c6 commit 4fe8611


2 files changed

+13
-3
lines changed


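--- a/www/font_info.php
+++ b/www/font_info.php
@@ -12,7 +12,7 @@
 <link rel="stylesheet" href="css/blitzer/jquery-ui-1.8.14.custom.css" />
 <script type="text/javascript" src="js/jquery-1.5.1.min.js"></script>
 <script type="text/javascript" src="js/jquery-ui-1.8.14.custom.min.js"></script>
-<script type="text/javascript" src="js/glyph.js?v=2"></script>
+<script type="text/javascript" src="js/glyph.js?v=3"></script>
 <script type="text/javascript">
 $(function() {
 $("#tabs").tabs({
@@ -30,7 +30,12 @@
 
 require_once "../classes/font.cls.php";
 
-$fontfile = @$_GET["fontfile"];
+$fontfile = null;
+if (isset($_GET["fontfile"])) {
+$fontfile = basename($_GET["fontfile"]);
+$fontfile = "../fonts/$fontfile";
+}
+
 $unicodemap = @$_GET["unicodemap"];
 
 $t = microtime(true);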
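--- a/www/make_subset.php
+++ b/www/make_subset.php
@@ -6,7 +6,12 @@
 * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
 */
 
-$fontfile = $_GET["fontfile"];
+$fontfile = null;
+if (isset($_GET["fontfile"])) {
+$fontfile = basename($_GET["fontfile"]);
+$fontfile = "../fonts/$fontfile";
+}
+
 $name = isset($_GET["name"]) ? $_GET["name"] : null;
 
 if (isset($_POST["subset"])) {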
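Review bot: The same five lines of sanitising now appear verbatim in two scripts, and both carry the same gap — basename() still yields `.`, `..` or `""` for those inputs, so new line 12 can produce a directory path instead of a font file; this file does not show a require of the classes directory in the hunk, so where a shared helper would live is for the author to decide, but factoring the check into one function avoids the two copies drifting. The helper below resolves the candidate with realpath(), insists on a regular file, and confirms it sits under the resolved `../fonts` directory, returning null otherwise. `$name` from `$_GET["name"]` on the context line is still taken raw; its use is outside this hunk.

```php
/**
 * Resolve a user-supplied font file name to a path under ../fonts, or null if the
 * name is missing, does not resolve to a regular file, or escapes the directory.
 */
function font_path_from_request($raw) {
    $base = basename($raw);
    $fontsDir = realpath("../fonts");
    $real = realpath("../fonts/$base");
    if ($fontsDir === false || $real === false || !is_file($real)) {
        return null;
    }
    $prefix = $fontsDir . DIRECTORY_SEPARATOR;
    return strncmp($real, $prefix, strlen($prefix)) === 0 ? "../fonts/$base" : null;
}

$fontfile = isset($_GET["fontfile"]) ? font_path_from_request($_GET["fontfile"]) : null;
// … unchanged: $name, subset handling …
```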
