From 8911189d5a3121c6c902b7ef33e35969f03f131c Mon Sep 17 00:00:00 2001
From: Aaron Jorbin
Date: Thu, 25 Jul 2024 16:35:13 +0000
Subject: [PATCH] Filesystem: Normalize allowed_files so comparison is apples to apples.

In [58470] a change was made to normalize the filename in validate_file, however this leads to instances where the list of files that are allowed aren't normalized such as in the theme editor. By normalizing the array, the comparison is apples to apples. Reviewed by hellofromTonya. Merges 58570 to the 6.5 branch. Fixes #61488. Props jorbin, hellofromtonya, swissspidy, misulicus, script2see, Presskopp, audrasjb, peterwilsoncc, siliconforks, littler.chicken, paulkevan,
Built from https://develop.svn.wordpress.org/branches/6.5@58808
git-svn-id: http://core.svn.wordpress.org/branches/6.5@58204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/functions.php | 4 +++-
 wp-includes/version.php | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index f9d617660a..bb4ee79a1b 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -6192,8 +6192,10 @@ function validate_file( $file, $allowed_files = array() ) {
 return 0;
 }
 
- // Normalize path for Windows servers
+ // Normalize path for Windows servers.
 $file = wp_normalize_path( $file );
+ // Normalize path for $allowed_files as well so it's an apples to apples comparison.
+ $allowed_files = array_map( 'wp_normalize_path', $allowed_files );
 
 // `../` on its own is not allowed:
 if ( '../' === $file ) {
diff --git a/wp-includes/version.php b/wp-includes/version.php
index a45ebdb516..6b611a1c03 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -16,7 +16,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '6.5.6-alpha-58658';
+$wp_version = '6.5.6-alpha-58808';
 
 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
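Review bot: The added `array_map( 'wp_normalize_path', $allowed_files )` in validate_file() runs unconditionally and assumes `$allowed_files` is an array of strings; the signature in the hunk header gives it a default of `array()` but no type, so a caller that passes `null` or a single path string would hit a TypeError from array_map on PHP 8 before any of the `../` checks run. Because this function is a path-validation guard whose visible contract is an integer return code, a bad argument should not turn into an uncaught exception; casting at the call, `$allowed_files = array_map( 'wp_normalize_path', (array) $allowed_files );`, keeps such callers on the existing code path. The allow-list comparison itself is outside the hunk, so it is worth confirming it still does a strict match against the normalized entries, and a unit test that passes backslash-style entries in `$allowed_files` would pin the behaviour this commit intends. validate_file's body begins and ends outside the hunk.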