symfony
diff --git a/‎src/Symfony/Bundle/WebProfilerBundle/Controller/ProfilerController.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bundle/WebProfilerBundle/Controller/ProfilerController.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Bundle/WebProfilerBundle/Tests/Controller/ProfilerControllerTest.php
Lines changed: 37 additions & 0 deletions b/‎src/Symfony/Bundle/WebProfilerBundle/Tests/Controller/ProfilerControllerTest.php
Lines changed: 37 additions & 0 deletions
@@ -385,7 +385,7 @@ public function openAction(Request $request)
 
         $filename = $this->baseDir.DIRECTORY_SEPARATOR.$file;
 
-        if (preg_match("'(^|[/\\\\])\.\.?([/\\\\]|$)'", $file) || !is_readable($filename)) {
+        if (preg_match("'(^|[/\\\\])\.'", $file) || !is_readable($filename)) {
             throw new NotFoundHttpException(sprintf('The file "%s" cannot be opened.', $file));
         }
 
 
@@ -14,6 +14,7 @@
 use PHPUnit\Framework\TestCase;
 use Symfony\Bundle\WebProfilerBundle\Controller\ProfilerController;
 use Symfony\Bundle\WebProfilerBundle\Csp\ContentSecurityPolicyHandler;
+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\HttpKernel\Profiler\Profile;
 use Symfony\Component\HttpFoundation\Request;
 
@@ -46,6 +47,42 @@ public function getEmptyTokenCases()
         );
     }
 
+    /**
+     * @dataProvider getOpenFileCases
+     */
+    public function testOpeningDisallowedPaths($path, $isAllowed)
+    {
+        $urlGenerator = $this->getMockBuilder('Symfony\Component\Routing\Generator\UrlGeneratorInterface')->getMock();
+        $twig = $this->getMockBuilder('Twig\Environment')->disableOriginalConstructor()->getMock();
+        $profiler = $this
+            ->getMockBuilder('Symfony\Component\HttpKernel\Profiler\Profiler')
+            ->disableOriginalConstructor()
+            ->getMock();
+
+        $controller = new ProfilerController($urlGenerator, $profiler, $twig, array(), 'bottom', null, __DIR__.'/../..');
+
+        try {
+            $response = $controller->openAction(Request::create('/_wdt/open', Request::METHOD_GET, array('file' => $path)));
+            $this->assertEquals(200, $response->getStatusCode());
+            $this->assertTrue($isAllowed);
+        } catch (NotFoundHttpException $e) {
+            $this->assertFalse($isAllowed);
+        }
+    }
+
+    public function getOpenFileCases()
+    {
+        return array(
+            array('README.md', true),
+            array('composer.json', true),
+            array('Controller/ProfilerController.php', true),
+            array('.gitignore', false),
+            array('../TwigBundle/README.md', false),
+            array('Controller/../README.md', false),
+            array('Controller/./ProfilerController.php', false),
+        );
+    }
+
     /**
      * @dataProvider provideCspVariants
      */
Original file line number	Diff line number	Diff line change
`@@ -385,7 +385,7 @@ public function openAction(Request $request)`
`385`	`385`
`386`	`386`	`$filename = $this->baseDir.DIRECTORY_SEPARATOR.$file;`
`387`	`387`
`388`		`- if (preg_match("'(^\|[/\\\\])\.\.?([/\\\\]\|$)'", $file) \|\| !is_readable($filename)) {`
	`388`	`+ if (preg_match("'(^\|[/\\\\])\.'", $file) \|\| !is_readable($filename)) {`
`389`	`389`	`throw new NotFoundHttpException(sprintf('The file "%s" cannot be opened.', $file));`
`390`	`390`	`}`
`391`	`391`