Avoid Arbitrary File Deletion abuse via Object Injection

mcdruid · Dec 3, 2024 · dd75c9d · dd75c9d
1 parent a1e583f
commit dd75c9d
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/system/src/Grav/Framework/Cache/Adapter/FileCache.php b/system/src/Grav/Framework/Cache/Adapter/FileCache.php
@@ -201,7 +201,7 @@ private function write($file, $data, $expiresAt = null)
 
         try {
             if ($this->tmp === null) {
-                $this->tmp = $this->directory . uniqid('', true);
+                $this->tmp = $this->directory . uniqid(__CLASS__, true);
             }
 
             file_put_contents($this->tmp, $data);
@@ -259,7 +259,7 @@ public static function throwError($type, $message, $file, $line)
     #[\ReturnTypeWillChange]
     public function __destruct()
     {
-        if ($this->tmp !== null && file_exists($this->tmp)) {
+        if ($this->tmp !== null && (strpos(basename($this->tmp), __CLASS__) === 0) && file_exists($this->tmp)) {
             unlink($this->tmp);
         }
     }