Sanitize and decode archive name (see #480)

pydio · Mar 17, 2014 · 915d364 · 915d364
1 parent ed00563
commit 915d364
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/core/src/plugins/action.powerfs/class.PowerFSController.php b/core/src/plugins/action.powerfs/class.PowerFSController.php
@@ -107,14 +107,15 @@ public function switchAction($action, $httpVars, $fileVars)
             case "compress" :
             case "precompress" :
 
+                $archiveName = AJXP_Utils::sanitize(AJXP_Utils::decodeSecureMagic($httpVars["archive_name"]), AJXP_SANITIZE_FILENAME);
                 if (!ConfService::currentContextIsCommandLine() && ConfService::backgroundActionsSupported()) {
                     $opeId = substr(md5(time()),0,10);
                     $httpVars["ope_id"] = $opeId;
                     AJXP_Controller::applyActionInBackground(ConfService::getRepository()->getId(), $action, $httpVars);
                     AJXP_XMLWriter::header();
                     $bgParameters = array(
                         "dir" => $dir,
-                        "archive_name"  => $httpVars["archive_name"],
+                        "archive_name"  => $archiveName,
                         "on_end" => (isSet($httpVars["on_end"])?$httpVars["on_end"]:"reload"),
                         "ope_id" => $opeId
                     );
@@ -148,7 +149,7 @@ public function switchAction($action, $httpVars, $fileVars)
                     }
                 }
                 $cmdSeparator = ((PHP_OS == "WIN32" || PHP_OS == "WINNT" || PHP_OS == "Windows")? "&" : ";");
-                $archiveName = SystemTextEncoding::fromUTF8($httpVars["archive_name"]);
+                //$archiveName = SystemTextEncoding::fromUTF8($httpVars["archive_name"]);
                 if (!$compressLocally) {
                     $archiveName = AJXP_Utils::getAjxpTmpDir()."/".$httpVars["ope_id"]."_".$archiveName;
                 }