diff options
| author | Thomas Müller <thomas.mueller@tmit.eu> | 2015-07-27 13:39:53 +0200 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2015-07-27 13:39:53 +0200 |
| commit | c030ae9decd1558a7ececf1dcbc556c293d00ea2 (patch) | |
| tree | dc0d94f07ab786ffda3552949b46f664c857f4c7 /lib | |
| parent | e68741c1b04661d328ef5387c35a1f4dcab5d80b (diff) | |
| parent | c20d4d1a0bf2a57754c675218a458365df2742ff (diff) | |
| download | nextcloud-server-c030ae9decd1558a7ececf1dcbc556c293d00ea2.tar.gz nextcloud-server-c030ae9decd1558a7ececf1dcbc556c293d00ea2.zip | |
Merge pull request #17879 from owncloud/scan-check-path
check if the user is trying to scan a valid path
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/files/utils/scanner.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/private/files/utils/scanner.php b/lib/private/files/utils/scanner.php index 3d68eb530a2..c70f4beb31d 100644 --- a/lib/private/files/utils/scanner.php +++ b/lib/private/files/utils/scanner.php @@ -131,6 +131,9 @@ class Scanner extends PublicEmitter { * @throws \OC\ForbiddenException */ public function scan($dir = '') { + if (!Filesystem::isValidPath($dir)) { + throw new \InvalidArgumentException('Invalid path to scan'); + } $mounts = $this->getMounts($dir); foreach ($mounts as $mount) { if (is_null($mount->getStorage())) { |