Improve name validation checks on local File references

This commit is contained in:
Brion Vibber 2010-02-01 08:48:31 -08:00
parent 57d8f22a3a
commit 6159edcebb
2 changed files with 18 additions and 1 deletions


@ -71,7 +71,7 @@ class GetfileAction extends Action
$filename = $this->trimmed('filename'); $filename = $this->trimmed('filename');
$path = null; $path = null;
if ($filename) { if ($filename && File::validFilename($filename)) {
$path = File::path($filename); $path = File::path($filename);
} }
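Review bot: The new guard on the `if` line leaves `$path` as null for a name that fails File::validFilename(), while File::path() — changed in the same commit — throws ClientException for the same input, so the two call paths answer a bad name differently and the reason for checking twice is not recorded. If the intent is that getfile decides its own response for an unresolvable name rather than surfacing the generic ClientException, a one-line comment would keep the next maintainer from "simplifying" it away: `// validate here so an invalid name is handled by this action rather than File::path() throwing`. The enclosing handler method starts before and continues after the hunk, so what happens with a null $path is not visible here.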


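--- a/[file path not shown on page]
+++ b/[file path not shown on page]
@@ -176,8 +176,22 @@ class File extends Memcached_DataObject
 return "$nickname-$datestamp-$random.$ext";
 }
+/**
+* Validation for as-saved base filenames
+*/
+static function validFilename($filename)
+{
+return preg_match('^/[A-Za-z0-9._-]+$/', $filename);
+}
+/**
+* @throws ClientException on invalid filename
+*/
 static function path($filename)
 {
+if (!self::validFilename($filename)) {
+throw new ClientException("Invalid filename");
+}
 $dir = common_config('attachments', 'dir');
 if ($dir[strlen($dir)-1] != '/') {
@@ -189,6 +203,9 @@ class File extends Memcached_DataObject
 static function url($filename)
 {
+if (!self::validFilename($filename)) {
+throw new ClientException("Invalid filename");
+}
 if(common_config('site','private')) {
 return common_local_url('getfile',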
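Review bot: The pattern in validFilename() has its delimiter in the wrong place: `'^/[A-Za-z0-9._-]+$/'` begins with `^`, which PHP takes as the delimiter and then cannot find closed, so preg_match() emits a warning and returns false for every input — with this commit applied, path() and url() throw ClientException for all filenames and getfile never resolves a path. The line should read `return preg_match('/^[A-Za-z0-9._-]+\z/', $filename) === 1;`, using `\z` rather than `$` so a name with a trailing newline is not accepted, and `=== 1` so a PCRE error (false) is not conflated with a non-match. Even with the delimiter fixed, the character class admits `.` and `..` as complete names, which would make path() point at the attachments directory itself or its parent; rejecting those two explicitly, or requiring at least one alphanumeric character, closes that gap. The same validFilename() call is added to url() in the second hunk, whose body continues past the end of the section.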