From 657869eb83a8792e054b736d81def40c2e888141 Mon Sep 17 00:00:00 2001
From: Ramil Valitov <ramilvalitov@gmail.com>
Date: Wed, 2 May 2018 14:16:02 +0300
Subject: [PATCH] [fix] openbase_dir correct processing, #13214

---
 libraries/joomla/filesystem/folder.php            | 2 +-
 libraries/vendor/joomla/filesystem/src/Folder.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/libraries/joomla/filesystem/folder.php b/libraries/joomla/filesystem/folder.php
index 81ddc8e5a9ef9..76db95ce57a0a 100644
--- a/libraries/joomla/filesystem/folder.php
+++ b/libraries/joomla/filesystem/folder.php
@@ -247,7 +247,7 @@ public static function create($path = '', $mode = 0755)
 				{
 					$test = $pathObject->clean($test);
 
-					if (strpos($path, $test) === 0)
+					if (strpos($path, $test) === 0 || strpos($path, realpath($test)) === 0)
 					{
 						$inBaseDir = true;
 						break;
diff --git a/libraries/vendor/joomla/filesystem/src/Folder.php b/libraries/vendor/joomla/filesystem/src/Folder.php
index 129e085b967f4..5442c487fc397 100644
--- a/libraries/vendor/joomla/filesystem/src/Folder.php
+++ b/libraries/vendor/joomla/filesystem/src/Folder.php
@@ -179,7 +179,7 @@ public static function create($path = '', $mode = 0755)
 			{
 				$test = Path::clean($test);
 
-				if (strpos($path, $test) === 0)
+				if (strpos($path, $test) === 0 || strpos($path, realpath($test)) === 0)
 				{
 					$inBaseDir = true;
 					break;