Merge branch 'master' of https://github.com/umbraco/Umbraco-CMS into 7.0.0

Conflicts: .gitignore
2013-11-20 14:50:57 +01:00
parent 291fcb043c 4935525591
commit 2beb3c5b4c
3 changed files with 26 additions and 8 deletions
--- a/src/Umbraco.Web.UI/install/steps/Database.ascx.designer.cs
+++ b/src/Umbraco.Web.UI/install/steps/Database.ascx.designer.cs
@@ -101,7 +101,7 @@ namespace Umbraco.Web.UI.Install.Steps {
        /// To modify move field declaration from designer file to code-behind file.
        /// </remarks>
        protected global::System.Web.UI.WebControls.TextBox DatabaseName;
-        
+
        /// <summary>
        /// DatabaseIntegratedSecurity control.
        /// </summary>
--- a/src/Umbraco.Web.UI/umbraco/settings/views/EditView.aspx.cs
+++ b/src/Umbraco.Web.UI/umbraco/settings/views/EditView.aspx.cs
@@ -114,11 +114,18 @@ namespace Umbraco.Web.UI.Umbraco.Settings.Views
 					NameTxt.Text = OriginalFileName;
 					var file = IOHelper.MapPath(SystemDirectories.MvcViews.EnsureEndsWith('/') + OriginalFileName);

+                    // validate file path
+                    if (file.StartsWith(IOHelper.MapPath(SystemDirectories.MvcViews.EnsureEndsWith('/')))) {
+
 					using (var sr = File.OpenText(file))
 					{
 						var s = sr.ReadToEnd();
 						editorSource.Text = s;
-					}					
+					}
+                    } else
+                    {
+                        throw new ArgumentException("Couldn't open file - illegal path");
+                    }
 				
 				}							
 			}
--- a/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/templates.asmx.cs
+++ b/src/Umbraco.Web/umbraco.presentation/umbraco/webservices/templates.asmx.cs
@@ -89,13 +89,24 @@ namespace umbraco.webservices
 	    {
            //NOTE: The legacy code threw an exception so will continue to do that.
 	        AuthorizeRequest(DefaultApps.settings.ToString(), true);
-            
-	        var templateFile = 
-                System.IO.File.OpenText(IOHelper.MapPath(SystemDirectories.Umbraco + "/scripting/templates/cshtml/" + templateId));
-            var content = templateFile.ReadToEnd();
-            templateFile.Close();

-            return content;
+	        var snippetPath = SystemDirectories.Umbraco + "/scripting/templates/cshtml/";
+	        var filePath = IOHelper.MapPath(snippetPath + templateId);
+
+            //Directory check.. only allow files in script dir and below to be edited
+            if (filePath.StartsWith(IOHelper.MapPath(snippetPath)))
+            {
+                var templateFile =
+                    System.IO.File.OpenText(filePath);
+                var content = templateFile.ReadToEnd();
+                templateFile.Close();
+                return content;
+            }
+            else
+            {
+                throw new ArgumentException("Couldn't open snippet - Illegal path");
+                
+            }
        }
 		
 	}