
Validate integrity of uploads

This commit adds the ability to verify that uploaded images are indeed images by
checking the actual image type of the file contents.
protich committed Jun 13, 2019
1 parent 539d343 commit eba6fb91388140640de2047a3080d44d77b67590
Showing with 18 additions and 0 deletions.
  1. +18 −0 include/class.forms.php
@@ -2781,6 +2781,9 @@ function ajaxUpload($bypass=false) {
$file = array_shift($files);
$file['name'] = urldecode($file['name']);
if (!$this->isValidFile($file))
Http::response(413, 'Invalid File');
if (!$bypass && !$this->isValidFileType($file['name'], $file['type']))
Http::response(415, 'File type is not allowed');
@@ -2807,6 +2810,9 @@ function uploadFile($file) {
if (!$this->isValidFileType($file['name'], $file['type']))
throw new FileUploadError(__('File type is not allowed'));
if (!$this->isValidFile($file))
throw new FileUploadError(__('Invalid File'));
$config = $this->getConfiguration();
if ($file['size'] > $config['size'])
throw new FileUploadError(__('File size is too large'));
@@ -2842,6 +2848,18 @@ function uploadAttachment(&$file) {
return $F;
}
function isValidFile($file) {
// Check invalid image hacks
if ($file['tmp_name']
&& stripos($file['type'], 'image/') === 0
&& function_exists('exif_imagetype')
&& !exif_imagetype($file['tmp_name']))
return false;
return true;
}
function isValidFileType($name, $type=false) {
$config = $this->getConfiguration();
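Review bot: The new content probe in isValidFile is gated on the client-supplied `$file['type']` starting with `image/`, so an uploader who declares `application/octet-stream` (or any non-image type) for a crafted .png or .jpg never reaches `exif_imagetype()`, and on the `$bypass` path of ajaxUpload the `isValidFileType` check is skipped as well, leaving such a file unvalidated. Whether to inspect the bytes should be decided by something the server controls, such as the extension of `$file['name']` (the names the upload will be stored and served under), not by what the request claims: e.g. `$ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));` and then `if ($file['tmp_name'] && (stripos($file['type'], 'image/') === 0 || in_array($ext, $imageExts, true)) && function_exists('exif_imagetype') && !exif_imagetype($file['tmp_name'])) return false;` with `$imageExts` being the image extensions the configuration allows. Two further points are worth a comment on the method: the guard is fail-open when the exif extension is not loaded (`function_exists` false means no check at all), and `exif_imagetype()` does not recognise SVG, so a genuine `image/svg+xml` upload is now rejected — presumably acceptable given that SVG can carry script, but say so, e.g. `// SVG is deliberately rejected: exif_imagetype() cannot verify it and it may embed script`. ajaxUpload, uploadFile and isValidFileType all extend outside the shown hunks.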
