If a client is posting bad parameters, it can end up copying a file into itself.

Author: cdujeu

core/src/plugins/access.fs/class.fsAccessDriver.php

@@ -1292,6 +1292,9 @@ protected function copyUploadedData($uploadData, $destination, $filename, $messa
     protected function appendUploadedData($folder, $source, $target){
 
         $already_existed = false;
+        if($source == $target){
+            throw new Exception("Something nasty happened: trying to copy $source into itself, it will create a loop!");
+        }
         if (file_exists($folder ."/" . $target)) {
             $already_existed = true;
             $this->logDebug("Should copy stream from $source to $target");