
Commit ffd668a

committed
Fixing XSS on file names that fail to upload
1 parent 341ddd7 commit ffd668a


1 file changed

+4
-3
lines changed


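--- a/core/admin/ajax/file-browser/upload.php
+++ b/core/admin/ajax/file-browser/upload.php
@@ -48,6 +48,7 @@
 // Throw a growl error
 if ($error) {
 $file_name = htmlspecialchars($file_name);
+
 if ($error == 2 || $error == 1) {
 $errors[] = $file_name." was too large ".BigTree::formatBytes(BigTree::uploadMaxFileSize())." max)";
 } else {
@@ -79,9 +80,9 @@
 // If we failed, either cloud storage upload failed, directory permissions are bad, or the file type isn't permitted
 if (!$file) {
 if ($storage->DisabledFileError) {
-$errors[] = "$file_name has a disallowed extension: $extension.";
+$errors[] = htmlspecialchars($file_name)." has a disallowed extension: $extension.";
 } else {
-$errors[] = "Uploading $file_name failed (unknown error).";
+$errors[] = "Uploading ".htmlspecialchars($file_name)." failed (unknown error).";
 }
 // Otherwise make the database entry for the file we uplaoded.
 } else {
@@ -138,7 +139,7 @@
 }
 } else {
 $last_error = array_pop($bigtree["errors"]);
-$errors[] = $last_error["error"];
+$errors[] = BigTree::safeEncode($last_error["error"]);
 }
 }
 }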
