From c9dbe1d08c081912d02bd851d1d1b6388f6133d1 Mon Sep 17 00:00:00 2001
From: Uwe Tews
Date: Thu, 26 Apr 2018 21:38:08 +0200
Subject: [PATCH] - bugfix regarding Security Vulnerability did not solve the problem under Linux
---
 libs/sysplugins/smarty_security.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/libs/sysplugins/smarty_security.php b/libs/sysplugins/smarty_security.php
index 2706fad2..5378c390 100644
--- a/libs/sysplugins/smarty_security.php
+++ b/libs/sysplugins/smarty_security.php
@@ -639,7 +639,8 @@ class Smarty_Security
 {
 $directory = dirname($this->smarty->_realpath($filepath, true)) . DIRECTORY_SEPARATOR;
 $_directory = array();
- while (true) {
+ if (!preg_match('#[\\\\/][.][.][\\\\/]#',$directory)) {
+ while (true) {
 // test if the directory is trusted
 if (isset($dirs[ $directory ])) {
 return $_directory;
@@ -647,13 +648,16 @@ class Smarty_Security
 // abort if we've reached root
 if (!preg_match('#[\\\\/][^\\\\/]+[\\\\/]$#', $directory)) {
 // give up
- throw new SmartyException(sprintf('Smarty Security: not trusted file path \'%s\' ',$filepath));
+ break;
 }
 // remember the directory to add it to _resource_dir in case we're successful
 $_directory[ $directory ] = true;
 // bubble up one level
 $directory = preg_replace('#[\\\\/][^\\\\/]+[\\\\/]$#', DIRECTORY_SEPARATOR, $directory);
+ }
 }
+ // give up
+ throw new SmartyException(sprintf('Smarty Security: not trusted file path \'%s\' ',$filepath));
 }
 /**
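Review bot: The new guard `preg_match('#[\\\\/][.][.][\\\\/]#',$directory)` only matches a `..` segment that has a separator in front of it, so a `$directory` that begins with `../` would pass the check and enter the loop. That is harmless if `_realpath($filepath, true)` always returns an absolute path, but that guarantee is not visible in this hunk; anchoring the pattern as `'#(?:^|[\\\\/])[.][.][\\\\/]#'` removes the dependency. The check also deserves a comment saying why it exists, for example `// a ".." segment that survives normalisation can never resolve to a trusted directory`. The diffstat shows a single file changed, so a regression test that feeds a traversal path on a `/`-separated system would help keep this fix from regressing the way the previous one did. The enclosing method's signature is above the hunk.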
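Review bot: The single `throw` after the loop now serves two different rejections with the same message: a path that still contains `..`, and a path that was walked up to the root without meeting a trusted directory. Logs therefore cannot tell a probable traversal attempt from a misconfigured template directory. Giving the first case its own wording, or at least a distinct exception code, would make the event usable for detection; check first whether any caller matches on the current message text. The `// give up` comment now appears twice, above `break;` and above the `throw`, and the first could read `// reached root without finding a trusted directory`. The message embeds `$filepath` as given, so any handler that renders it into HTML has to escape it.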