Security: sanitize file name when uploading chunks with bigUpload
AngelFQC committed Sep 5, 2023
1 parent ed72914 commit 3d74fb7
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions main/inc/ajax/document.ajax.php
Expand Up @@ -59,9 +59,12 @@
}
if (!empty($fileList)) {
foreach ($fileList as $n => $file) {
$tmpFile = $tempDirectory.$file['name'];
$tmpFile = disable_dangerous_file(
api_replace_dangerous_char($file['name'])
);

file_put_contents(
$tmpFile,
$tempDirectory.$tmpFile,
fopen($file['tmp_name'], 'r'),
FILE_APPEND
);
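Review bot: The sanitized name is computed inline inside the foreach loop and used only for this one file_put_contents() call, so any other code that still builds the chunk path from the raw $file['name'] will point at a different file than the one written here; move the disable_dangerous_file(api_replace_dangerous_char(...)) call into one small helper and use it wherever the temporary path is built. In the lines shown, nothing except those two helpers stands between the client-supplied name and the path under $tempDirectory, so wrapping the result in basename() and rejecting an empty result before the write would make the containment explicit instead of implied by helper behaviour. Minor style point: $tmpFile now holds a file name rather than a path, so a name such as $safeName would match what the variable contains.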

1 comment on commit 3d74fb7

KrSi78 commented on 3d74fb7 Nov 28, 2023


This is only a partial fix. The same patch has to be applied when the file upload is done, otherwise an error is raised (search for chunkAction around line 157).