File: 032_CVE-2008-1924.patch

package info (click to toggle)
phpmyadmin 4%3A2.9.1.1-13
  • links: PTS
  • area: main
  • in suites: etch
  • size: 13,324 kB
  • ctags: 119,177
  • sloc: php: 148,860; sh: 645; sql: 224; perl: 142
file content (11 lines) | stat: -rw-r--r-- 586 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
 
--- phpmyadmin-2.9.1.1.orig/libraries/tbl_replace_fields.inc.php	2008/04/22 20:11:52	11210
+++ phpmyadmin-2.9.1.1/libraries/tbl_replace_fields.inc.php	2008/04/23 08:49:47	11211
@@ -61,7 +61,7 @@
             // void
         }
 
-    } elseif (!empty(${'me_fields_uploadlocal_' . $encoded_key})) {
+    } elseif (!empty(${'me_fields_uploadlocal_' . $encoded_key}) && !empty($GLOBALS['cfg']['UploadDir'])) {
         $file_to_upload = PMA_userDir($cfg['UploadDir']) . preg_replace('@\.\.*@', '.', ${'me_fields_uploadlocal_' . $encoded_key});
 
         // A local file will be uploaded.