From aee07f7bbacdd6599fd0377707f74e3f8f94cafe Mon Sep 17 00:00:00 2001 From: Uwe Tews Date: Sun, 28 Jun 2015 02:37:41 +0200 Subject: [PATCH] - optimize security isTrustedResourceDir() --- change_log.txt | 1 + libs/Smarty.class.php | 2 +- .../smarty_internal_resource_file.php | 2 +- libs/sysplugins/smarty_security.php | 72 +++++++++---------- 4 files changed, 37 insertions(+), 40 deletions(-) diff --git a/change_log.txt b/change_log.txt index 8565715e..f88b3762 100644 --- a/change_log.txt +++ b/change_log.txt @@ -1,6 +1,7 @@  ===== 3.1.28-dev===== (xx.xx.2015) 28.06.2015 - move $smarty->enableSecurity() into Smarty_Security class + - optimize security isTrustedResourceDir() 27.06.2015 - bugfix resolve naming conflict between custom Smarty delimiter '<%' and PHP ASP tags https://github.com/smarty-php/smarty/issues/64 diff --git a/libs/Smarty.class.php b/libs/Smarty.class.php index 06c9c539..74f0d9a5 100644 --- a/libs/Smarty.class.php +++ b/libs/Smarty.class.php @@ -111,7 +111,7 @@ class Smarty extends Smarty_Internal_TemplateBase /** * smarty version */ - const SMARTY_VERSION = '3.1.28-dev/12'; + const SMARTY_VERSION = '3.1.28-dev/13'; /** * define variable scopes diff --git a/libs/sysplugins/smarty_internal_resource_file.php b/libs/sysplugins/smarty_internal_resource_file.php index 34a8730a..1c49654a 100644 --- a/libs/sysplugins/smarty_internal_resource_file.php +++ b/libs/sysplugins/smarty_internal_resource_file.php @@ -164,7 +164,7 @@ class Smarty_Internal_Resource_File extends Smarty_Resource if ($source->filepath !== false) { if (is_object($source->smarty->security_policy)) { - $source->smarty->security_policy->isTrustedResourceDir($source->filepath); + $source->smarty->security_policy->isTrustedResourceDir($source->filepath, $source->isConfig); } $source->exists = true; $source->uid = sha1($source->filepath); diff --git a/libs/sysplugins/smarty_security.php b/libs/sysplugins/smarty_security.php index bfa96646..57534b2d 100644 --- a/libs/sysplugins/smarty_security.php +++ b/libs/sysplugins/smarty_security.php @@ -201,28 +201,28 @@ class Smarty_Security * * @var array */ - protected $_resource_dir = null; + protected $_resource_dir = array(); /** * Cache for $template_dir lookup * * @var array */ - protected $_template_dir = null; + protected $_template_dir = array(); /** * Cache for $config_dir lookup * * @var array */ - protected $_config_dir = null; + protected $_config_dir = array(); /** * Cache for $secure_dir lookup * * @var array */ - protected $_secure_dir = null; + protected $_secure_dir = array(); /** * Cache for $php_resource_dir lookup @@ -475,51 +475,47 @@ class Smarty_Security /** * Check if directory of file resource is trusted. * - * @param string $filepath + * @param string $filepath + * @param null|bool $isConfig * - * @return boolean true if directory is trusted - * @throws SmartyException if directory is not trusted + * @return bool true if directory is trusted + * @throws \SmartyException if directory is not trusted */ - public function isTrustedResourceDir($filepath) + public function isTrustedResourceDir($filepath, $isConfig = null) { - $_template = false; - $_config = false; - $_secure = false; - - $_template_dir = $this->smarty->getTemplateDir(); - $_config_dir = $this->smarty->getConfigDir(); - - // check if index is outdated - if ((!$this->_template_dir || $this->_template_dir !== $_template_dir) || (!$this->_config_dir || $this->_config_dir !== $_config_dir) || (!empty($this->secure_dir) && (!$this->_secure_dir || $this->_secure_dir !== $this->secure_dir))) { - $this->_resource_dir = array(); - $_template = true; - $_config = true; - $_secure = !empty($this->secure_dir); - } - - // rebuild template dir index - if ($_template) { - $this->_template_dir = $_template_dir; - foreach ($_template_dir as $directory) { - $this->_resource_dir[$directory] = true; + if ($isConfig !== true) { + $_dir = $this->smarty->getTemplateDir(); + if ($this->_template_dir !== $_dir) { + foreach ($this->_template_dir as $directory) { + unset($this->_resource_dir[$directory]); + } + foreach ($_dir as $directory) { + $this->_resource_dir[$directory] = true; + } + $this->_template_dir = $_dir; } } - - // rebuild config dir index - if ($_config) { - $this->_config_dir = $_config_dir; - foreach ($_config_dir as $directory) { - $this->_resource_dir[$directory] = true; + if ($isConfig !== false) { + $_dir = $this->smarty->getConfigDir(); + if ($this->_config_dir !== $_dir) { + foreach ($this->_config_dir as $directory) { + unset($this->_resource_dir[$directory]); + } + foreach ($_dir as $directory) { + $this->_resource_dir[$directory] = true; + } + $this->_config_dir = $_dir; } } - - // rebuild secure dir index - if ($_secure) { - $this->_secure_dir = $this->secure_dir; + if ($this->_secure_dir !== (array) $this->secure_dir) { + foreach ($this->_secure_dir as $directory) { + unset($this->_resource_dir[$directory]); + } foreach ((array) $this->secure_dir as $directory) { $directory = $this->smarty->_realpath($directory . DS); $this->_resource_dir[$directory] = true; } + $this->_secure_dir = (array) $this->secure_dir; } $_filepath = $filepath;