From 058903a31762902af78aac37e9ac949bbe8ac546 Mon Sep 17 00:00:00 2001
From: Till Brehm
Date: Thu, 22 Nov 2018 12:08:02 +0100
Subject: [PATCH] Apply stricter language filename check in admin language file editor.
---
 interface/web/admin/language_edit.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/interface/web/admin/language_edit.php b/interface/web/admin/language_edit.php
index f17c4ae9a8..39baec55e3 100644
--- a/interface/web/admin/language_edit.php
+++ b/interface/web/admin/language_edit.php
@@ -49,7 +49,7 @@ $lang_file = $_REQUEST['lang_file'];
 if(!preg_match("/^[a-z]+$/i", $lang)) die('unallowed characters in language name.');
 if(!preg_match("/^[a-z_]+$/i", $module)) die('unallowed characters in module name.');
-if(!preg_match("/^[a-z\._]+$/i", $lang_file)) die('unallowed characters in language file name.');
+if(!preg_match("/^[a-z\._]+$/i", $lang_file) || strpos($lang_file,'..') !== false || substr($lang_file,-4) != '.lng') die('unallowed characters in language file name.');
 $msg = '';
-- GitLab
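Review bot: The `$lang` and `$module` checks on the two context lines above the changed line still anchor with `$` and no `D` modifier, so each accepts a value ending in a single newline; the new `.lng` suffix test closes that gap only for `$lang_file`. Where these three request values are used lies outside the hunk, but if they are joined into a file path, as the names suggest, the sibling checks should be tightened the same way, e.g. `if(!preg_match('/^[a-z]+$/iD', $lang)) die(...)` and `if(!preg_match('/^[a-z_]+$/iD', $module)) die(...)`. On the changed line itself, a bare `.lng` with an empty base name passes all three clauses, and the `die()` text still says "unallowed characters" when the real cause is a wrong extension. A comment above the line stating the accepted shape (letters, `_` and single dots, ending in lowercase `.lng`) would make the intent of the three clauses easier to audit.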