SECURITY: Do checks on all upload types
[lhc/web/wiklou.git] / includes / upload / UploadStash.php
index 1ee4627..8a6d766 100644 (file)
@@ -422,6 +422,7 @@ class UploadStash {
         * @return string
         */
        public static function getExtensionForPath( $path ) {
+               global $wgFileBlacklist;
                // Does this have an extension?
                $n = strrpos( $path, '.' );
                $extension = null;
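Review bot: The docblock `@return string` (visible at the top of this hunk) no longer describes the full contract, since the method can now return an empty string for a blacklisted extension rather than the extension itself; a caller that assumes a non-empty result will silently produce an extension-less stash path. I would amend the docblock to `@return string Normalized extension, or '' if the extension is in $wgFileBlacklist` and note that the method reads the `$wgFileBlacklist` global. The method body continues past the end of this hunk.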
@@ -441,7 +442,15 @@ class UploadStash {
                        throw new UploadStashFileException( "extension is null" );
                }
 
-               return File::normalizeExtension( $extension );
+               $extension = File::normalizeExtension( $extension );
+               if ( in_array( $extension, $wgFileBlacklist ) ) {
+                       // The file should already be checked for being evil.
+                       // However, if somehow we got here, we definitely
+                       // don't want to give it an extension of .php and
+                       // put it in a web accesible directory.
+                       return '';
+               }
+               return $extension;
        }
 
        /**
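Review bot: The blacklist membership test at `in_array( $extension, $wgFileBlacklist )` uses loose comparison; for a security gate it should be strict, `if ( in_array( $extension, $wgFileBlacklist, true ) ) {`, so that a non-string entry in the configured list can never compare equal to a string extension. The check also relies on `File::normalizeExtension()` producing the same case as the entries in `$wgFileBlacklist` (presumably lowercase) — worth confirming, since a case mismatch would let `PHP` slip past a list containing `php`. Note that only the part after the last `.` is consulted (per the `strrpos` in the preceding hunk), so this guard does not cover double-extension names; that is acceptable only if the earlier "evil file" checks this comment refers to already reject them. The comment's "accesible" should read "accessible".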