From 6b68f076e86695b647a5de94c56f8f0bd2552535 Mon Sep 17 00:00:00 2001
From: tianya
Date: Mon, 30 Dec 2024 22:25:56 +0800
Subject: [PATCH] =?UTF-8?q?CNVD-C-2024-866100=E9=97=AE=E9=A2=98=E4=BF=AE?=
 =?UTF-8?q?=E5=A4=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/admin/file_manage_control.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/admin/file_manage_control.php b/src/admin/file_manage_control.php
index 906d3764..6a2cd67a 100644
--- a/src/admin/file_manage_control.php
+++ b/src/admin/file_manage_control.php
@@ -17,6 +17,10 @@ $activepath = preg_replace("#^\/{1,}#", "/", $activepath);
 if ($activepath == "/") $activepath = '';
 if ($activepath == "") $inpath = $cfg_basedir;
 else $inpath = $cfg_basedir.$activepath;
+if (DEDEBIZ_SAFE_MODE && !preg_match("#^/static#",$activepath)) {
+ ShowMsg("安全模式下仅允许查看修改static目录文档", -1);
+ exit;
+}
 $files = json_decode(file_get_contents(DEDEDATA.'/admin/files.txt'));
 $currentFolder = basename(__DIR__);
 $realFiles = array();
@@ -86,7 +90,7 @@ else if ($fmdo == "del") {
 else if ($fmdo == "edit") {
 CheckCSRF();
 $filename = str_replace("..", "", $filename);
- if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml|htm)$#i', trim($filename))) {
+ if (preg_match('#\.(php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml|htm)$#i', trim($filename)) || preg_match('#\.[\x00-\x1F\x7F]*$#', trim($filename))) {
 ShowMsg("文件扩展名已被系统禁止", "javascript:;");
 exit();
 }
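Review bot: The safe-mode gate on `$activepath` is a bare prefix match, so `#^/static#` also accepts any sibling directory whose name merely starts with `static` (e.g. `/static_old`, `/static2/...`), and nothing in this hunk strips `..` from `$activepath` before it is appended to `$cfg_basedir` on the line above, so a value like `/static/../templets` would pass the check unless the path is canonicalised earlier in the file. Anchor the directory boundary, `if (DEDEBIZ_SAFE_MODE && !preg_match("#^/static(/|$)#", $activepath)) {`, and preferably compare `realpath($inpath)` against `realpath($cfg_basedir.'/static')` so traversal is rejected on the resolved path rather than on the string. The gate also only constrains the directory component; the `$filename` and other target parameters consumed by the individual `$fmdo` branches are outside this hunk, so whether they can escape `$inpath` cannot be judged from here.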
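Review bot: The new condition still relies on an extension denylist that omits the usual PHP-family and server-config bypasses — `phtml`, `phar`, `pht`, `inc`, and dotfiles such as `.htaccess` / `.user.ini`, which can make an otherwise harmless extension execute as PHP or prepend a file — so an editor that can write those names is not meaningfully closed by the added control-character check. The added `#\.[\x00-\x1F\x7F]*$#` alternative catches only a literal dot followed by nothing or control characters at the end (e.g. `shell.php.`, the trailing-dot normalisation case), but it does not cover a name such as `shell.phtml`. Suggested minimal change: `if (preg_match('#(\.(php\d?|phtml|phar|pht|inc|pl|cgi|asp|aspx|jsp|shtm|shtml|htm)|\.htaccess|\.user\.ini)$#i', trim($filename)) || preg_match('#\.[\x00-\x1F\x7F]*$#', trim($filename))) {`; the more robust direction for a file editor is an allowlist of editable extensions rather than a denylist. If the upload/rename/newfile branches of this dispatcher carry their own copies of the extension check they need the same update; the `edit` branch itself continues past the end of this hunk.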