From 61ce6e21ec751269501302b91d1d2e60b6cea2e9 Mon Sep 17 00:00:00 2001
From: Matthew Dawson <matthew@mjdsystems.ca>
Date: Mon, 3 Jan 2011 17:46:18 -0500
Subject: [PATCH] Fix a chroot issue where the path /.. (and related paths) are
 not caught and removed.

Signed-off-by: Matthew Dawson <matthew@mjdsystems.ca>
---
 inc/lib_filesystem.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/inc/lib_filesystem.php b/inc/lib_filesystem.php
index a64d2ba599..accc133b7b 100644
--- a/inc/lib_filesystem.php
+++ b/inc/lib_filesystem.php
@@ -111,7 +111,7 @@ class OC_FILESYSTEM{
 		if(substr($path,0,1)!=='/'){
 			$path='/'.$path;
 		}
-		if(strstr($path,'/../')){
+		if(strstr($path,'/../') || strrchr($path, '/') === '/..' ){
 			return false;
 		}
 		return true;//dummy untill premissions are correctly implemented, also the correcty value because for now users are locked in their seperate data dir and can read/write everything in there