diff options
| author | Thomas Müller <thomas.mueller@tmit.eu> | 2015-12-08 13:52:04 +0100 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2015-12-08 13:52:04 +0100 |
| commit | 49095fa4bbf56eaea0f45178ee240ed771bc3f58 (patch) | |
| tree | 29dc8a4ceae61dfaeee4a5669a84ad6af50998e6 /lib | |
| parent | 45fe8271ab1efb90ad0394bec0285f83b1ccd55c (diff) | |
| parent | 715f89a9d9dc8373a85a23f93d093dee2686e232 (diff) | |
| download | nextcloud-server-49095fa4bbf56eaea0f45178ee240ed771bc3f58.tar.gz nextcloud-server-49095fa4bbf56eaea0f45178ee240ed771bc3f58.zip | |
Merge pull request #21031 from owncloud/sanitize-findAppInDirectories
Sanitize the appId passed to `findAppInDirectories`
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/app.php | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/private/app.php b/lib/private/app.php index 145517e218a..abf12264c58 100644 --- a/lib/private/app.php +++ b/lib/private/app.php @@ -474,9 +474,13 @@ class OC_App { * search for an app in all app-directories * * @param string $appId - * @return mixed (bool|string) + * @return false|string */ protected static function findAppInDirectories($appId) { + $sanitizedAppId = self::cleanAppId($appId); + if($sanitizedAppId !== $appId) { + return false; + } static $app_dir = array(); if (isset($app_dir[$appId])) { |