From 8ce3d6ea57a2181afddc03e154495b6ddeb6c6be Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Fri, 22 May 2015 11:53:02 +0200
Subject: [PATCH] End processing when file is not found

We have to end the processing when a file is not found or otherwise the method is proceeding and even sending invalid file paths to the sendfile methods.

Due to nginx preventing directory traversals this is luckily not immediately exploitable. We should for hardening purposes however quit the script execution just as we do for 403 cases and others as well.
---
 lib/private/files.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/private/files.php b/lib/private/files.php
index 6a739fc844..5a3e102919 100644
--- a/lib/private/files.php
+++ b/lib/private/files.php
@@ -138,6 +138,7 @@ class OC_Files {
 				header("HTTP/1.0 404 Not Found");
 				$tmpl = new OC_Template('', '404', 'guest');
 				$tmpl->printPage();
+				exit();
 			} else {
 				header("HTTP/1.0 403 Forbidden");
 				die('403 Forbidden');