From b1954e92586f33a345068d56b957d7e366a5ba71 Mon Sep 17 00:00:00 2001
From: Luke Towers <github@luketowers.ca>
Date: Thu, 30 Jul 2020 10:35:02 -0600
Subject: [PATCH] Fix creating asset files

Fixes #5228
---
 modules/cms/classes/Asset.php | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/modules/cms/classes/Asset.php b/modules/cms/classes/Asset.php
index 1073f8ed8..12b79ea35 100644
--- a/modules/cms/classes/Asset.php
+++ b/modules/cms/classes/Asset.php
@@ -285,9 +285,22 @@ class Asset extends Extendable
             $fileName = $this->fileName;
         }
 
-        // Limit paths to those under the assets directory
         $directory = $this->theme->getPath() . '/' . $this->dirName . '/';
-        $path = realpath($directory . $fileName);
+        $filePath = $directory . $fileName;
+        $path = realpath($filePath);
+
+        /**
+         * If the path doesn't exist yet, then create it temporarily
+         * in order to run realpath() resolution on it to verify the
+         * final destination and then remove the temporary file.
+         */
+        if (!$path) {
+            touch($filePath);
+            $path = realpath($filePath);
+            unlink($filePath);
+        }
+
+        // Limit paths to those under the theme's assets directory
         if (!starts_with($path, $directory)) {
             return false;
         }