Ticket #2942 (closed defect: fixed)
CGI "id" parameter not sufficiently validated, could allow for the creation of files on the file system
Reported by: sdlime | Owned by: sdlime
Component: MapServer C Library | Version: unspecified
The CGI "id" parameter (used for pseudo session handling) is not sufficiently validated and could be used to create files outside of the intended locations. The parameter is checked for length but not for content, so inserting relative paths alters where MapServer will try to create temporary files.
The fix is to apply a regex pattern to limit an id's value.
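The following is an added illustration of the two checks contrasted in this ticket, not MapServer's own code: a length-only check of the kind the ticket calls insufficient, beside a validator that also applies a regex whitelist before the id is used in a temporary file name. The maximum length `MS_ID_MAXLEN`, the pattern `^[A-Za-z0-9_-]+$`, the `.tmp` suffix and the function names are assumptions for the example; the ticket does not give MapServer's actual limit or pattern.

```c
#include <regex.h>
#include <stdio.h>
#include <string.h>

/* Assumed length limit for the example; the ticket does not state MapServer's. */
#define MS_ID_MAXLEN 64

/* Assumed whitelist pattern: letters, digits, '_' and '-' only.
   It admits no '/', '\\' or '.', so an id cannot carry a relative path. */
static const char *MS_ID_PATTERN = "^[A-Za-z0-9_-]+$";

/* Length-only check: this is the behaviour the ticket describes as insufficient,
   because a relative path of acceptable length passes through unchanged. */
int id_ok_length_only(const char *id)
{
    size_t n = strlen(id);
    return n > 0 && n <= MS_ID_MAXLEN;
}

/* Hardened check: same length bound, plus the regex whitelist on content. */
int id_ok_validated(const char *id)
{
    regex_t re;
    int rc;

    if (!id_ok_length_only(id))
        return 0;
    if (regcomp(&re, MS_ID_PATTERN, REG_EXTENDED | REG_NOSUB) != 0)
        return 0; /* fail closed if the pattern cannot be compiled */
    rc = regexec(&re, id, 0, NULL, 0);
    regfree(&re);
    return rc == 0;
}

/* Builds "<tmpdir>/<id>.tmp" only for a validated id.
   Returns 0 on success, -1 if the id is rejected or the buffer is too small. */
int build_tmp_path(const char *tmpdir, const char *id, char *out, size_t outlen)
{
    int n;

    if (!id_ok_validated(id))
        return -1;
    n = snprintf(out, outlen, "%s/%s.tmp", tmpdir, id);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample ids: one ordinary session id and one carrying a
       relative path of the kind the ticket warns about. */
    const char *ids[] = { "sess1", "../sess1" };
    char path[256];
    size_t i;

    for (i = 0; i < sizeof ids / sizeof ids[0]; i++) {
        printf("id=%-10s length-only=%d validated=%d",
               ids[i], id_ok_length_only(ids[i]), id_ok_validated(ids[i]));
        if (build_tmp_path("/tmp/ms", ids[i], path, sizeof path) == 0)
            printf(" path=%s\n", path);
        else
            printf(" path=(rejected)\n");
    }
    return 0;
}
```

The length-only check accepts both ids, so a naive `snprintf` would produce a path that escapes the temporary directory; the validated check rejects the second id before any path is built, which is the effect the ticket's regex fix is meant to have.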