Patching security fix for dompdf resolving internal urls
codyfinegan committed Mar 27, 2024
1 parent f9c4d23 commit 5e06eea
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion src/Helpers.php
Expand Up @@ -899,7 +899,11 @@ public static function getFileContent($uri, $context = null, $offset = 0, $maxle
// Totara: this must be safe, so allow built-in dompdf resources and pluginfile images only!
global $CFG;
$resourcepath = DIRECTORY_SEPARATOR.'dompdf'.DIRECTORY_SEPARATOR.'dompdf'.DIRECTORY_SEPARATOR.'lib'.DIRECTORY_SEPARATOR.'res'.DIRECTORY_SEPARATOR;
if (is_file($uri) && strpos(realpath($uri), $resourcepath) !== false) {

// Totara: dompdf prefixes internal files with file:// which breaks with realpath
$realpath = strpos($uri, 'file://') === 0 ? substr($uri, 7) : $uri;

if (is_file($uri) && strpos(realpath($realpath), $resourcepath) !== false) {
$data = file_get_contents($uri);
if ($offset > 0) {
$data = substr($data, $offset);
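
Review bot: In the new condition only realpath() receives the stripped path, while is_file($uri) and file_get_contents($uri) still take the original string, so the path that is validated and the path that is read are derived separately. Normalize the URI once and pass that single value to all three calls, and consider renaming $realpath, since it holds the unresolved path rather than the result of realpath(). Separately, strpos(...) !== false accepts $resourcepath at any position in the resolved path; a prefix comparison (=== 0) against a resolved absolute base directory would be stricter than a substring match on a relative fragment. A test that feeds a file:// URI for a built-in resource and one for a file outside lib/res would document the intended behaviour of this check.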