diff --git a/system/core/Common.php b/system/core/Common.php
index 57374b07dde..7beb1d8c0d6 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -637,5 +637,41 @@ function _stringify_attributes($attributes, $js = FALSE)
 }
 }
 
+// ------------------------------------------------------------------------
+
+if( ! function_exists('is_suhosin_blacklisted'))
+{
+ /**
+ * Check Suhosin Blacklist
+ *
+ *
+ * @param string
+ * @return bool
+ */
+ function is_suhosin_blacklisted($func)
+ {
+ if (extension_loaded('suhosin'))
+ {
+ $blacklist = @ini_get('suhosin.executor.func.blacklist');
+ if ( ! empty($blacklist))
+ {
+ if (strpos($blacklist,',') !== FALSE)
+ {
+ $blackarray = explode(',',trim($blacklist));
+ }
+ else {
+ $blackarray[] = $blacklist;
+ }
+
+ if (in_array($func,$blackarray))
+ {
+ return TRUE;
+ }
+ }
+ }
+ return FALSE;
+ }
+}
+
 /* End of file Common.php */
 /* Location: ./system/core/Common.php */
\ No newline at end of file
diff --git a/system/libraries/Upload.php b/system/libraries/Upload.php
index d381440cd64..dd0b7bff49a 100644
--- a/system/libraries/Upload.php
+++ b/system/libraries/Upload.php
@@ -1033,7 +1033,7 @@ protected function _file_mime_type($file)
 ? 'file --brief --mime '.escapeshellarg($file['tmp_name']).' 2>&1'
 : 'file --brief --mime '.$file['tmp_name'].' 2>&1';
 
- if (function_exists('exec'))
+ if (function_exists('exec') && ! is_suhosin_blacklisted('exec'))
 {
 /* This might look confusing, as $mime is being populated with all of the output when set in the second parameter.
 * However, we only neeed the last line, which is the actual return value of exec(), and as such - it overwrites
@@ -1048,7 +1048,7 @@ protected function _file_mime_type($file)
 }
 }
 
- if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec'))
+ if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec') && ! is_suhosin_blacklisted('shell_exec'))
 {
 $mime = @shell_exec($cmd);
 if (strlen($mime) > 0)
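Review bot: Entries of `suhosin.executor.func.blacklist` are trimmed only as a whole string in the comma branch and not at all in the single-entry branch, so a value written as `exec, shell_exec` yields the element ` shell_exec`, which the `in_array` in the new helper never matches, and the caller goes on to invoke a function Suhosin will refuse. Trimming per element and comparing strictly replaces the whole if/else with one line, `$blackarray = array_map('trim', explode(',', $blacklist));`, followed by `if (in_array($func, $blackarray, TRUE))`. The `@` on `ini_get()` buys nothing, since `ini_get()` signals an unknown option by returning FALSE rather than by emitting a warning. Suhosin can also be configured through `suhosin.executor.func.whitelist`, in which case this helper presumably returns FALSE for a function that is nonetheless blocked; a docblock line such as `Only the blacklist is consulted; a configured whitelist is not honoured` would stop callers from treating it as a full availability check.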
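Review bot: The unescaped `:` arm of the `$cmd` ternary two lines above the changed line stays in play behind the new guard: when `escapeshellarg()` is unavailable, `$cmd` is built from the raw `$file['tmp_name']`, and a hardened host that disables `escapeshellarg` is precisely the one where the three shell probes should be skipped rather than run unescaped. Wrapping the shell section in `if (function_exists('escapeshellarg'))` would route such hosts to whatever non-shell fallback follows; `_file_mime_type()` starts and ends outside the hunk, so which fallback that is needs confirming there. `tmp_name` is ordinarily generated by PHP, so the practical exposure is small, but the guard logic is the natural place to close it. The same `function_exists(X) && ! is_suhosin_blacklisted(X)` pair is repeated at 1048 and 1062 with the name spelled twice each time; a one-line private helper such as `protected function _shell_function_usable($func) { return function_exists($func) && ! is_suhosin_blacklisted($func); }` keeps the three guards in step.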
@@ -1062,7 +1062,7 @@ protected function _file_mime_type($file)
 }
 }
 
- if (function_exists('popen'))
+ if (function_exists('popen') && ! is_suhosin_blacklisted('popen'))
 {
 $proc = @popen($cmd, 'r');
 if (is_resource($proc))