[SECURITY] Prevent directory traversal
Resolves #6
fabarea committed Jul 24, 2016
1 parent e386c24 commit b25d42a
Showing 1 changed file with 7 additions and 5 deletions.
12 changes: 7 additions & 5 deletions Classes/Service/UploadFileService.php
Expand Up @@ -34,33 +34,35 @@ public function getUploadedFileList($property = '')
* Return an array of uploaded files, done in a previous step.
*
* @param string $property
* @throws \Exception
* @return UploadedFile[]
* @throws \InvalidArgumentException
* @throws \RuntimeException
*/
public function getUploadedFiles($property = '')
{

$files = array();
$uploadedFiles = GeneralUtility::trimExplode(',', $this->getUploadedFileList($property), TRUE);

// Convert uploaded files into array
foreach ($uploadedFiles as $uploadedFileName) {

$temporaryFileNameAndPath = UploadManager::UPLOAD_FOLDER . '/' . $uploadedFileName;
// Protection against directory traversal
$uploadedFileName = str_replace('..' . DIRECTORY_SEPARATOR, '', $uploadedFileName);
$temporaryFileNameAndPath = UploadManager::UPLOAD_FOLDER . DIRECTORY_SEPARATOR . $uploadedFileName;

if (!file_exists($temporaryFileNameAndPath)) {
$message = sprintf(
'I could not find file "%s". Something went wrong during the upload? Or is it some cache effect?',
$temporaryFileNameAndPath
);
throw new \Exception($message, 1389550006);
throw new \RuntimeException($message, 1389550006);
}
$fileSize = round(filesize($temporaryFileNameAndPath) / 1000);

/** @var UploadedFile $uploadedFile */
$uploadedFile = GeneralUtility::makeInstance(UploadedFile::class);
$uploadedFile->setTemporaryFileNameAndPath($temporaryFileNameAndPath)
->setFileName($uploadedFileName)
->setFileName(basename($uploadedFileName))
->setSize($fileSize);

$files[] = $uploadedFile;
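Review bot: The new `str_replace('..' . DIRECTORY_SEPARATOR, '', $uploadedFileName)` guard is single-pass, so a name such as `..././evil` or `....//evil` collapses to `../evil` after the one replacement and still escapes UPLOAD_FOLDER; it also strips only the platform separator, so on Windows a `../` segment passes through untouched even though PHP accepts forward slashes there. Since the same hunk already reduces the display name with `basename()`, the path should be built from that reduced name too: `$uploadedFileName = basename($uploadedFileName);` followed by `$temporaryFileNameAndPath = UploadManager::UPLOAD_FOLDER . DIRECTORY_SEPARATOR . $uploadedFileName;`, which discards every directory component, including `..`, before `file_exists()` runs. If sub-directories below UPLOAD_FOLDER are meant to be addressable, a `realpath()` prefix check against the upload folder would be the alternative, but nothing visible here suggests that is needed. The RuntimeException message still echoes the full server path, which should stay out of anything rendered to end users. The enclosing foreach and getUploadedFiles() continue past the end of the hunk.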
