diff options
| author | Robin Appelman <icewind@owncloud.com> | 2015-07-26 19:13:31 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2015-07-27 11:21:48 +0200 |
| commit | f74525c349c501c750d35e43153c862cf56a0221 (patch) | |
| tree | bba734b064ffe71632e565f517bb65d9bfe7545e /lib/private/files/utils | |
| parent | 4edfadac96fcf267c97371e67e5feccec94b337e (diff) | |
| download | nextcloud-server-f74525c349c501c750d35e43153c862cf56a0221.tar.gz nextcloud-server-f74525c349c501c750d35e43153c862cf56a0221.zip | |
check if the user is trying to scan a valid path
Diffstat (limited to 'lib/private/files/utils')
| -rw-r--r-- | lib/private/files/utils/scanner.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/private/files/utils/scanner.php b/lib/private/files/utils/scanner.php index 3d68eb530a2..c70f4beb31d 100644 --- a/lib/private/files/utils/scanner.php +++ b/lib/private/files/utils/scanner.php @@ -131,6 +131,9 @@ class Scanner extends PublicEmitter { * @throws \OC\ForbiddenException */ public function scan($dir = '') { + if (!Filesystem::isValidPath($dir)) { + throw new \InvalidArgumentException('Invalid path to scan'); + } $mounts = $this->getMounts($dir); foreach ($mounts as $mount) { if (is_null($mount->getStorage())) { |