aboutsummaryrefslogtreecommitdiffhomepage
path: root/var
diff options
context:
space:
mode:
authorNicolas LÅ“uillet <nicolas@loeuillet.org>2017-01-17 10:09:04 +0100
committerNicolas LÅ“uillet <nicolas@loeuillet.org>2017-01-17 10:09:04 +0100
commit3d9950792c0aef20643ce1c5f81670e1f7194af9 (patch)
tree0eb9a92112c2e5913015abf01ff4e0b9e14c6d85 /var
parent96e2827605ab459bfc61ff96438eab8285d2a0c7 (diff)
downloadwallabag-3d9950792c0aef20643ce1c5f81670e1f7194af9.tar.gz
wallabag-3d9950792c0aef20643ce1c5f81670e1f7194af9.tar.zst
wallabag-3d9950792c0aef20643ce1c5f81670e1f7194af9.zip
Fixed possible JS injection via the title edition
Diffstat (limited to 'var')
-rw-r--r--var/SymfonyRequirements.php6
1 files changed, 5 insertions, 1 deletions
diff --git a/var/SymfonyRequirements.php b/var/SymfonyRequirements.php
index 7e7723af..7e7a99de 100644
--- a/var/SymfonyRequirements.php
+++ b/var/SymfonyRequirements.php
@@ -780,7 +780,11 @@ class SymfonyRequirements extends RequirementCollection
780 { 780 {
781 $size = ini_get('realpath_cache_size'); 781 $size = ini_get('realpath_cache_size');
782 $size = trim($size); 782 $size = trim($size);
783 $unit = strtolower(substr($size, -1, 1)); 783 $unit = '';
784 if (!ctype_digit($size)) {
785 $unit = strtolower(substr($size, -1, 1));
786 $size = (int) substr($size, 0, -1);
787 }
784 switch ($unit) { 788 switch ($unit) {
785 case 'g': 789 case 'g':
786 return $size * 1024 * 1024 * 1024; 790 return $size * 1024 * 1024 * 1024;