Merge pull request #8603 from magento-cia/cia-2.4.7-beta3-develop-bugfix-10262023

pawan-adobe-security · web-flow · commit debec191faa4 · 2023-10-27T00:32:13.000+05:30
Cia 2.4.7 beta3 develop bugfix 10262023
diff --git a/dev/tests/integration/testsuite/Magento/Cms/Controller/Adminhtml/Wysiwyg/Images/DeleteFilesTest.php b/dev/tests/integration/testsuite/Magento/Cms/Controller/Adminhtml/Wysiwyg/Images/DeleteFilesTest.php
@@ -161,8 +161,6 @@ public function executeDataProvider(): array
             ['name with[ bracket.jpg'],
             ['magento_small_image.jpg'],
             ['_.jpg'],
-            [' - .jpg'],
-            ['-.jpg'],
         ];
     }
 
diff --git a/lib/internal/Magento/Framework/Filesystem/Directory/PathValidator.php b/lib/internal/Magento/Framework/Filesystem/Directory/PathValidator.php
@@ -54,8 +54,11 @@ public function validate(
             $actualPath = $this->driver->getRealPathSafety($path);
         }
 
-        if (mb_strpos($actualPath, $realDirectoryPath) !== 0
-            && rtrim($path, DIRECTORY_SEPARATOR) !== $realDirectoryPath
+        if (preg_match('/(?:^-|\s-)/', $path)
+            || (
+                mb_strpos($actualPath, $realDirectoryPath) !== 0
+                && rtrim($path, DIRECTORY_SEPARATOR) !== $realDirectoryPath
+            )
         ) {
             throw new ValidatorException(
                 new Phrase(
diff --git a/lib/internal/Magento/Framework/Filesystem/File/Write.php b/lib/internal/Magento/Framework/Filesystem/File/Write.php
@@ -8,6 +8,7 @@
 
 use Magento\Framework\Filesystem\DriverInterface;
 use Magento\Framework\Exception\FileSystemException;
+use Magento\Framework\Phrase;
 
 class Write extends Read implements WriteInterface
 {
@@ -28,18 +29,22 @@ public function __construct($path, DriverInterface $driver, $mode)
      * Assert file existence for proper mode
      *
      * @return void
-     * @throws \Magento\Framework\Exception\FileSystemException
+     * @throws FileSystemException
      */
     protected function assertValid()
     {
         $fileExists = $this->driver->isExists($this->path);
         $mode = $this->mode ?? '';
-        if (!$fileExists && preg_match('/r/', $mode)) {
+        if (preg_match('/(?:^-|\s-)/', basename($this->path))) {
+            throw new FileSystemException(
+                new Phrase('The filename "%1" contains invalid characters', [basename($this->path)])
+            );
+        } elseif (!$fileExists && preg_match('/r/', $mode)) {
             throw new FileSystemException(
-                new \Magento\Framework\Phrase('The "%1" file doesn\'t exist.', [$this->path])
+                new Phrase('The "%1" file doesn\'t exist.', [$this->path])
             );
         } elseif ($fileExists && preg_match('/x/', $mode)) {
-            throw new FileSystemException(new \Magento\Framework\Phrase('The file "%1" already exists', [$this->path]));
+            throw new FileSystemException(new Phrase('The file "%1" already exists', [$this->path]));
         }
     }
 
@@ -56,7 +61,7 @@ public function write($data)
             return $this->driver->fileWrite($this->resource, $data);
         } catch (FileSystemException $e) {
             throw new FileSystemException(
-                new \Magento\Framework\Phrase('Cannot write to the "%1" file. %2', [$this->path, $e->getMessage()])
+                new Phrase('Cannot write to the "%1" file. %2', [$this->path, $e->getMessage()])
             );
         }
     }
@@ -76,7 +81,7 @@ public function writeCsv(array $data, $delimiter = ',', $enclosure = '"')
             return $this->driver->filePutCsv($this->resource, $data, $delimiter, $enclosure);
         } catch (FileSystemException $e) {
             throw new FileSystemException(
-                new \Magento\Framework\Phrase('Cannot write to the "%1" file. %2', [$this->path, $e->getMessage()])
+                new Phrase('Cannot write to the "%1" file. %2', [$this->path, $e->getMessage()])
             );
         }
     }
@@ -93,7 +98,7 @@ public function flush()
             return $this->driver->fileFlush($this->resource);
         } catch (FileSystemException $e) {
             throw new FileSystemException(
-                new \Magento\Framework\Phrase('Cannot flush the "%1" file. %2', [$this->path, $e->getMessage()])
+                new Phrase('Cannot flush the "%1" file. %2', [$this->path, $e->getMessage()])
             );
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -161,8 +161,6 @@ public function executeDataProvider(): array`
`161`	`161`	`['name with[ bracket.jpg'],`
`162`	`162`	`['magento_small_image.jpg'],`
`163`	`163`	`['_.jpg'],`
`164`		`- [' - .jpg'],`
`165`		`- ['-.jpg'],`
`166`	`164`	`];`
`167`	`165`	`}`
`168`	`166`
Original file line number	Diff line number	Diff line change
`@@ -8,6 +8,7 @@`
`8`	`8`
`9`	`9`	`use Magento\Framework\Filesystem\DriverInterface;`
`10`	`10`	`use Magento\Framework\Exception\FileSystemException;`
	`11`	`+use Magento\Framework\Phrase;`
`11`	`12`
`12`	`13`	`class Write extends Read implements WriteInterface`
`13`	`14`	`{`
`@@ -28,18 +29,22 @@ public function __construct($path, DriverInterface $driver, $mode)`
`28`	`29`	`* Assert file existence for proper mode`
`29`	`30`	`*`
`30`	`31`	`* @return void`
`31`		`- * @throws \Magento\Framework\Exception\FileSystemException`
	`32`	`+ * @throws FileSystemException`
`32`	`33`	`*/`
`33`	`34`	`protected function assertValid()`
`34`	`35`	`{`
`35`	`36`	`$fileExists = $this->driver->isExists($this->path);`
`36`	`37`	`$mode = $this->mode ?? '';`
`37`		`- if (!$fileExists && preg_match('/r/', $mode)) {`
	`38`	`+ if (preg_match('/(?:^-\|\s-)/', basename($this->path))) {`
	`39`	`+ throw new FileSystemException(`
	`40`	`+ new Phrase('The filename "%1" contains invalid characters', [basename($this->path)])`
	`41`	`+ );`
	`42`	`+ } elseif (!$fileExists && preg_match('/r/', $mode)) {`
`38`	`43`	`throw new FileSystemException(`
`39`		`- new \Magento\Framework\Phrase('The "%1" file doesn\'t exist.', [$this->path])`
	`44`	`+ new Phrase('The "%1" file doesn\'t exist.', [$this->path])`
`40`	`45`	`);`
`41`	`46`	`} elseif ($fileExists && preg_match('/x/', $mode)) {`
`42`		`- throw new FileSystemException(new \Magento\Framework\Phrase('The file "%1" already exists', [$this->path]));`
	`47`	`+ throw new FileSystemException(new Phrase('The file "%1" already exists', [$this->path]));`
`43`	`48`	`}`
`44`	`49`	`}`
`45`	`50`
`@@ -56,7 +61,7 @@ public function write($data)`
`56`	`61`	`return $this->driver->fileWrite($this->resource, $data);`
`57`	`62`	`} catch (FileSystemException $e) {`
`58`	`63`	`throw new FileSystemException(`
`59`		`- new \Magento\Framework\Phrase('Cannot write to the "%1" file. %2', [$this->path, $e->getMessage()])`
	`64`	`+ new Phrase('Cannot write to the "%1" file. %2', [$this->path, $e->getMessage()])`
`60`	`65`	`);`
`61`	`66`	`}`
`62`	`67`	`}`
`@@ -76,7 +81,7 @@ public function writeCsv(array $data, $delimiter = ',', $enclosure = '"')`
`76`	`81`	`return $this->driver->filePutCsv($this->resource, $data, $delimiter, $enclosure);`
`77`	`82`	`} catch (FileSystemException $e) {`
`78`	`83`	`throw new FileSystemException(`
`79`		`- new \Magento\Framework\Phrase('Cannot write to the "%1" file. %2', [$this->path, $e->getMessage()])`
	`84`	`+ new Phrase('Cannot write to the "%1" file. %2', [$this->path, $e->getMessage()])`
`80`	`85`	`);`
`81`	`86`	`}`
`82`	`87`	`}`
`@@ -93,7 +98,7 @@ public function flush()`
`93`	`98`	`return $this->driver->fileFlush($this->resource);`
`94`	`99`	`} catch (FileSystemException $e) {`
`95`	`100`	`throw new FileSystemException(`
`96`		`- new \Magento\Framework\Phrase('Cannot flush the "%1" file. %2', [$this->path, $e->getMessage()])`
	`101`	`+ new Phrase('Cannot flush the "%1" file. %2', [$this->path, $e->getMessage()])`
`97`	`102`	`);`
`98`	`103`	`}`
`99`	`104`	`}`