
fixed bug #20339, sanitize svg

alex40724 committed Apr 5, 2017
1 parent d4ac6f4 commit ac223e9a91ffbdf07358afc4c7713d95732a9979
@@ -371,6 +371,8 @@ function importRecord($a_entity, $a_types, $a_rec, $a_mapping, $a_schema_version
$target_dir = $dir = ilObjMediaObject::_getDirectory($newObj->getId());
ilUtil::rCopy($source_dir, $target_dir);
ilObjMediaObject::renameExecutables($target_dir);
include_once("./Services/MediaObjects/classes/class.ilMediaSvgSanitizer.php");
ilMediaSvgSanitizer::sanitizeDir($target_dir); // see #20339
}
$a_mapping->addMapping("Services/MediaObjects", "mob", $a_rec["Id"], $newObj->getId());
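Review bot: The `include_once` + `ilMediaSvgSanitizer::sanitizeDir(...)` pair is pasted verbatim after every `renameExecutables` call in this commit (here in importRecord and again in the hunks for `_saveTempFileAsMediaObject`, `uploadAdditionalFile`, `executeCommand`, `setObjectPerCreationForm`, `savePropertiesObject` and `uploadFileObject`), so a future write path that remembers the executable rename but not the sanitizer ships unsanitized SVG again. Both steps are the same post-write hardening of a media directory; doing them in one place, e.g. by calling the sanitizer from inside `ilObjMediaObject::renameExecutables($a_dir)` or by adding one helper such as `static function hardenDirectory($a_dir)` (name is a proposal) that performs both and replacing the six pairs with it, keeps the #20339 fix from drifting. importRecord starts and ends outside the hunk.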
@@ -0,0 +1,56 @@
<?php
/* Copyright (c) 1998-2017 ILIAS open source, GPL, see docs/LICENSE */
use enshrined\svgSanitize\Sanitizer;
/**
* Small wrapper for svg sanitizer
*
* @author Alex Killing <alex.killing@gmx.de>
* @version $Id$
*
* @ingroup ServicesMediaObjects
*/
class ilMediaSvgSanitizer
{
/**
* Sanitize (temporary solution for sec issue 20339, ILIAS 5.0-5.2, not using composer autoloading yet)
*
* @param string $a_file file to be sanitized
*/
static function sanitizeFile($a_file)
{
include_once("./Services/MediaObjects/lib/svg-sanitizer-master/src/data/AttributeInterface.php");
include_once("./Services/MediaObjects/lib/svg-sanitizer-master/src/data/TagInterface.php");
include_once("./Services/MediaObjects/lib/svg-sanitizer-master/src/data/AllowedTags.php");
include_once("./Services/MediaObjects/lib/svg-sanitizer-master/src/data/AllowedAttributes.php");
include_once("./Services/MediaObjects/lib/svg-sanitizer-master/src/Sanitizer.php");
$sanitizer = new Sanitizer();
$dirtySVG = file_get_contents($a_file);
$cleanSVG = $sanitizer->sanitize($dirtySVG);
file_put_contents($a_file, $cleanSVG);
}
/**
* Sanitize directory recursively
*
* @param $a_path
*/
static function sanitizeDir($a_path)
{
$path = realpath($a_path);
$objects = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::SELF_FIRST);
foreach($objects as $name => $object)
{
if (strtolower(pathinfo($name, PATHINFO_EXTENSION)) == "svg")
{
self::sanitizeFile($name);
}
}
}
}
?>
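Review bot: `sanitizeFile` checks neither `file_get_contents` nor `Sanitizer::sanitize()` for `false`; in the versions of enshrined/svg-sanitize I know, `sanitize()` returns `false` when the input is not well-formed XML, and `file_put_contents($a_file, false)` then silently truncates the file to zero bytes. That is fail-closed, which is the right outcome for a file the sanitizer could not parse, but it should be explicit so a later library version returning something else does not leave the original content in place: `$cleanSVG = $sanitizer->sanitize($dirtySVG);` followed by `if ($dirtySVG === false || $cleanSVG === false) { $cleanSVG = ''; }` before the write. In `sanitizeDir`, `realpath()` yields `false` for a missing directory and `new RecursiveDirectoryIterator(false)` throws, turning every upload call site into a fatal; an early `if ($path === false) { return; }` avoids that. The closing `?>` is unnecessary in a class-only file and any whitespace after it becomes output.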
@@ -1686,6 +1686,9 @@ public static function _saveTempFileAsMediaObject($name, $tmp_name, $upload = TR
$media_item->setHAlign("Left");
self::renameExecutables($mob_dir);
include_once("./Services/MediaObjects/classes/class.ilMediaSvgSanitizer.php");
ilMediaSvgSanitizer::sanitizeDir($mob_dir); // see #20339
$media_object->update();
return $media_object;
@@ -1705,6 +1708,9 @@ function uploadAdditionalFile($a_name, $tmp_name, $a_subdir = "", $a_mode = "mov
ilUtil::makeDirParents($dir);
ilUtil::moveUploadedFile($tmp_name, $a_name, $dir."/".$a_name, true, $a_mode);
self::renameExecutables($mob_dir);
include_once("./Services/MediaObjects/classes/class.ilMediaSvgSanitizer.php");
ilMediaSvgSanitizer::sanitizeDir($mob_dir); // see #20339
}
/**
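Review bot: `sanitizeDir($mob_dir)` runs only after `ilUtil::moveUploadedFile` has placed the upload in the media object's directory, so the unsanitized SVG briefly exists in its final location, and if the sanitizer include or `sanitizeDir` fails partway the dirty file stays there; the same ordering appears in the `_saveTempFileAsMediaObject`, `setObjectPerCreationForm` and `uploadFileObject` hunks. Sanitizing the single uploaded file before the move — `ilMediaSvgSanitizer::sanitizeFile($tmp_name)` when `$a_name` has an svg extension, assuming the temp path is writable here — closes that window and also avoids rescanning and rewriting every SVG under `$mob_dir` on each upload, which the directory walk currently does. uploadAdditionalFile starts outside the hunk.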
@@ -176,6 +176,8 @@ function executeCommand()
ilObjMediaObject::renameExecutables(ilObjMediaObject::_getDirectory($this->object->getId())); // see #20187
$ret = $this->ctrl->forwardCommand($fs_gui);
ilObjMediaObject::renameExecutables(ilObjMediaObject::_getDirectory($this->object->getId())); // see #20187
include_once("./Services/MediaObjects/classes/class.ilMediaSvgSanitizer.php");
ilMediaSvgSanitizer::sanitizeDir(ilObjMediaObject::_getDirectory($this->object->getId())); // see #20339
break;
@@ -799,6 +801,8 @@ static function setObjectPerCreationForm($a_mob)
}
ilObjMediaObject::renameExecutables($mob_dir);
include_once("./Services/MediaObjects/classes/class.ilMediaSvgSanitizer.php");
ilMediaSvgSanitizer::sanitizeDir($mob_dir); // see #20339
$a_mob->update();
}
@@ -1146,7 +1150,9 @@ function savePropertiesObject()
}
ilObjMediaObject::renameExecutables(ilObjMediaObject::_getDirectory($this->object->getId()));
include_once("./Services/MediaObjects/classes/class.ilMediaSvgSanitizer.php");
ilMediaSvgSanitizer::sanitizeDir(ilObjMediaObject::_getDirectory($this->object->getId())); // see #20339
$this->object->update();
ilUtil::sendSuccess($lng->txt("msg_obj_modified"), true);
$this->ctrl->redirect($this, "edit");
@@ -1391,6 +1397,9 @@ function uploadFileObject()
}
ilObjMediaObject::renameExecutables($mob_dir);
include_once("./Services/MediaObjects/classes/class.ilMediaSvgSanitizer.php");
ilMediaSvgSanitizer::sanitizeDir($mob_dir); // see #20339
$this->ctrl->saveParameter($this, "cdir");
$this->ctrl->redirect($this, "editFiles");
}
@@ -0,0 +1,2 @@
/vendor
/build
@@ -0,0 +1,19 @@
language: php
php:
- 5.3
- 5.4
- 5.5
- 5.6
- 7.0
- hhvm

before_script:
- composer install --dev

addons:
code_climate:
repo_token: c051f6d29cce2d4ab0d6dfa460798b050cced025311f94ab3ba1ed50c7ceb31e

after_script:
- CODECLIMATE_REPO_TOKEN="c051f6d29cce2d4ab0d6dfa460798b050cced025311f94ab3ba1ed50c7ceb31e" vendor/bin/test-reporter --stdout > build/logs/codeclimate.json
- "curl --verbose -X POST -d @build/logs/codeclimate.json -H 'Content-Type: application/json' -H 'User-Agent: Code Climate (PHP Test Reporter v0.1.1)' https://codeclimate.com/test_reports"
