smarty-php/smarty
1
0
Fork 0
mirror of https://github.com/smarty-php/smarty.git synced 2025-12-16 02:28:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

- security possible PHP code injection on custom resources at display() or fetch()

Browse Source 
calls if the resource does not sanitize the template name
This commit is contained in:
Uwe Tews
2017-07-21 05:13:54 +02:00
parent a6f3a518e1
commit 614ad1f8b9
4 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
libs/sysplugins/smarty_internal_runtime_codeframe.php
View File

@@ -41,8 +41,8 @@ class Smarty_Internal_Runtime_CodeFrame
$properties[ 'cache_lifetime' ] = $_template->cache_lifetime;
}
$output = "<?php\n";
$output .= "/* Smarty version " . Smarty::SMARTY_VERSION . ", created on " . strftime("%Y-%m-%d %H:%M:%S") .
"\n from \"" . $_template->source->filepath . "\" */\n\n";
$output .= "/* Smarty version {Smarty::SMARTY_VERSION}, created on " . strftime("%Y-%m-%d %H:%M:%S") .
"\n from \"" . str_replace('*/','* /',$_template->source->filepath) . "\" */\n\n";
$output .= "/* @var Smarty_Internal_Template \$_smarty_tpl */\n";
$dec = "\$_smarty_tpl->_decodeProperties(\$_smarty_tpl, " . var_export($properties, true) . ',' .
($cache ? 'true' : 'false') . ")";