From 85e6f5fecbdf931bf29f444b06041321898358bd Mon Sep 17 00:00:00 2001
From: Brad Bulger <1234634+bradbulger@users.noreply.github.com>
Date: Thu, 29 Jul 2021 12:09:14 -0700
Subject: [PATCH] Fixes backdrop/backdrop-issues#3008 - redo fix to get realpath of existing file or directory.
---
 core/includes/filetransfer/filetransfer.inc | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/core/includes/filetransfer/filetransfer.inc b/core/includes/filetransfer/filetransfer.inc
index 289ea5aeb2a..10ec052ea41 100644
--- a/core/includes/filetransfer/filetransfer.inc
+++ b/core/includes/filetransfer/filetransfer.inc
@@ -167,10 +167,16 @@ abstract class FileTransfer {
 *
 */
 protected final function checkPath($path) {
- $full_jail = $this->chroot . $this->jail;
- $full_path = backdrop_realpath(substr($this->chroot . $path, 0, strlen($full_jail)));
- $full_path = $this->fixRemotePath($full_path, FALSE);
- if ($full_jail !== $full_path) {
+ $chroot_jail = $this->chroot . $this->jail;
+ $real_jail = backdrop_realpath($chroot_jail);
+ $chroot_path = $this->chroot . $path;
+ $existing_path = $chroot_path;
+ while ($existing_path && !file_exists($existing_path)) {
+ $existing_path = dirname($existing_path);
+ }
+ $real_path = backdrop_realpath($existing_path);
+ $fixed_path = $this->fixRemotePath($real_path, FALSE);
+ if (strpos($fixed_path, $real_jail) !== 0) {
 throw new FileTransferException('@directory is outside of the @jail', NULL, array('@directory' => $path, '@jail' => $this->jail));
 }
 }
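Review bot: The new containment test `strpos($fixed_path, $real_jail) !== 0` in checkPath() is a raw string-prefix match, so a sibling directory whose name merely begins with the jail path (a jail ending in `site` against a path under `site-old`) is accepted as inside the jail. Compare on a directory boundary and fail closed when the jail cannot be resolved, since `backdrop_realpath()` presumably returns FALSE for an unresolvable path and an empty needle matches at offset 0 on PHP 8: `if ($real_jail === FALSE || ($fixed_path !== $real_jail && strpos($fixed_path, rtrim($real_jail, '/') . '/') !== 0)) {`. Only the deepest existing ancestor is canonicalised, so `..` segments in the not-yet-existing remainder of `$path` are never examined; rejecting them before the `while` loop would close that gap. `$real_jail` also skips the `fixRemotePath()` call that `$real_path` receives, so whatever normalisation that helper applies (the suggested line assumes it yields forward slashes) should be applied to both sides of the comparison.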