
Fix possibility for spoofed files to pass validation.

Use `is_uploaded_file` to prevent crafty requests that contain bogus
files from getting through.
markstory committed Mar 29, 2016
1 parent 707d50b commit b14a6814d8db49baa6d2a468ad36e88a00cdbfb5
@@ -1004,7 +1004,7 @@ public static function uploadedFile($file, array $options = [])
if (isset($options['types']) && !static::mimeType($file, $options['types'])) {
return false;
}
return true;
return is_uploaded_file($file['tmp_name']);
}
/**
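Review bot: The new `is_uploaded_file()` guard on the final return runs only after the `mimeType()` check above it, so a request whose `tmp_name` names an arbitrary readable server path is still handed to `mimeType()` (and opened by it, if that helper reads the path, which this hunk does not show) before being rejected. Moving the guard ahead of every check that touches `$file['tmp_name']` closes that window and is cheaper, e.g. `if (!is_uploaded_file($file['tmp_name'])) { return false; }` as the first statement of the function, with the last line reverting to `return true;`. It is also worth confirming that the part of uploadedFile() outside the hunk guarantees `$file['tmp_name']` is a string, since `is_uploaded_file()` does not accept an array and a nested-upload shape would not fail cleanly. uploadedFile's body begins outside the hunk.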
@@ -20,6 +20,8 @@
use Cake\Validation\Validation;
use Locale;
require_once __DIR__ . '/stubs.php';
/**
* Test Case for Validation Class
*
@@ -0,0 +1,28 @@
<?php
/**
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://cakephp.org CakePHP(tm) Project
* @since 3.2.5
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
namespace Cake\Validation {
/**
* Use namespace injection to overwrite is_uploaded_file()
* during tests.
*
* @param string $filename The file to check.
* @return bool Whether or not the file exists.
*/
function is_uploaded_file($filename)
{
return file_exists($filename);
}
}
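Review bot: Once this stub is loaded it shadows the global `is_uploaded_file()` for every caller in the `Cake\Validation` namespace for the rest of the process, and its `file_exists()` body accepts any existing path, so the check the commit adds to uploadedFile() is effectively disabled wherever the stub is in scope; the docblock should state that. Suggested header comment: `Test-only stub. Once loaded it shadows the global is_uploaded_file() for all code in the Cake\Validation namespace and accepts any existing path, so it must never be loaded outside the test suite.` The `@return` text `Whether or not the file exists` is accurate, but noting that the real function additionally requires the file to have arrived via an HTTP POST upload would make the gap between stub and production behaviour explicit to the next reader.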
