fix pathToLogFile to only get files in log dir (#90)

apreiml · rap2hpoutre · commit 4129da09a5a9 · 2017-05-25T19:41:43.000+02:00
Proper check the file parameter to disallow arbitrary file downloads
diff --git a/src/Rap2hpoutre/LaravelLogViewer/LaravelLogViewer.php b/src/Rap2hpoutre/LaravelLogViewer/LaravelLogViewer.php
@@ -78,16 +78,14 @@ public static function setFile($file)
      */
     public static function pathToLogFile($file)
     {
-        $logsPath = storage_path('logs');
+        if (!starts_with('/', $file)) {
+            $logsPath = storage_path('logs');
 
-        if (app('files')->exists($file)) { // try the absolute path
-            return $file;
+            $file = $logsPath . '/' . $file;
         }
 
-        $file = $logsPath . '/' . $file;
-
         // check if requested file is really in the logs directory
-        if (dirname($file) !== $logsPath) {
+        if (dirname(realpath($file)) !== $logsPath) {
             throw new \Exception('No such log file');
         }
 

Original file line number	Diff line number	Diff line change
`@@ -78,16 +78,14 @@ public static function setFile($file)`
`78`	`78`	`*/`
`79`	`79`	`public static function pathToLogFile($file)`
`80`	`80`	`{`
`81`		`- $logsPath = storage_path('logs');`
	`81`	`+ if (!starts_with('/', $file)) {`
	`82`	`+ $logsPath = storage_path('logs');`
`82`	`83`
`83`		`- if (app('files')->exists($file)) { // try the absolute path`
`84`		`- return $file;`
	`84`	`+ $file = $logsPath . '/' . $file;`
`85`	`85`	`}`
`86`	`86`
`87`		`- $file = $logsPath . '/' . $file;`
`88`		`-`
`89`	`87`	`// check if requested file is really in the logs directory`
`90`		`- if (dirname($file) !== $logsPath) {`
	`88`	`+ if (dirname(realpath($file)) !== $logsPath) {`
`91`	`89`	`throw new \Exception('No such log file');`
`92`	`90`	`}`
`93`	`91`