Merge pull request #14289 from owncloud/remove-null-byte-check

Remove Null Byte Check
2015-02-17 14:47:27 +07:00 · 2015-02-17 14:47:27 +07:00 · 8e6a7350f9
parent 76c511de92 20d57c8bfe
commit 8e6a7350f9
2 changed files with 0 additions and 12 deletions
--- a/core/setup/controller.php
+++ b/core/setup/controller.php
@ -131,10 +131,6 @@ class Controller {
 		$databases = $setup->getSupportedDatabases();

 		$dataDir = $this->config->getSystemValue('datadirectory', \OC::$SERVERROOT.'/data');
-		$vulnerableToNullByte = false;
-		if(@file_exists(__FILE__."\0Nullbyte")) { // Check if the used PHP version is vulnerable to the NULL Byte attack (CVE-2006-7243)
-			$vulnerableToNullByte = true;
-		} 

 		$errors = array();

@ -200,7 +196,6 @@ class Controller {
 			'databases' => $databases,
 			'directory' => $dataDir,
 			'htaccessWorking' => $htAccessWorking,
-			'vulnerableToNullByte' => $vulnerableToNullByte,
 			'errors' => $errors,
 		);
 	}
--- a/core/templates/installation.php
+++ b/core/templates/installation.php
@ -26,13 +26,6 @@ script('core', [
 		<?php endforeach; ?>
 	</fieldset>
 	<?php endif; ?>
-	<?php if($_['vulnerableToNullByte']): ?>
-	<fieldset class="warning">
-		<legend><strong><?php p($l->t('Security Warning'));?></strong></legend>
-		<p><?php p($l->t('Your PHP version is vulnerable to the NULL Byte attack (CVE-2006-7243)'));?><br/>
-		<?php p($l->t('Please update your PHP installation to use %s securely.', $theme->getName() )); ?></p>
-	</fieldset>
-	<?php endif; ?>
 	<?php if(!$_['htaccessWorking']): ?>
 	<fieldset class="warning">
 		<legend><strong><?php p($l->t('Security Warning'));?></strong></legend>