Don't leave files which fail the upload check in the tmp company logo directory.
JimMackin committed May 15, 2015
1 parent bac37f5 commit b1b3fd6
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions modules/Configurator/UploadFileCheck.php
Expand Up @@ -79,6 +79,7 @@
if(!verify_uploaded_image($file_name, $returnArray['forQuotes'] == 'quotes')) {
$returnArray['data']='other';
$returnArray['path'] = '';
unlink($file_name);
} else {
$img_size = getimagesize($file_name);
$filetype = $img_size['mime'];
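Review bot: the added `unlink($file_name)` runs only after the rejected upload has already been written into the company logo directory, so there is a window between the write and this line in which the unverified file exists on disk; move the verification ahead of the copy into that directory (check the upload in its temporary location and only move it once it passes), and check the return value of `unlink()` so a failed deletion is logged instead of silently leaving the file behind.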
Expand Down

2 comments on commit b1b3fd6

@JimMackin
Contributor Author

Alternate fix for #251. As mentioned in the PR we also want to add whitelisting rather than blacklisting.

@0x27

@0x27 0x27 commented on b1b3fd6 May 20, 2015

Do note, this fix could lead to the file being there for a short period of time leading to a race condition wherein the attacker simply has to beat the unlink to the punch and spawn a reverse shell/drop further malicious files/whatever.
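The pattern both comments point at, as an added example that is not the project's code: verify the upload while it still sits in PHP's upload temp directory, accept only a whitelisted image type, and make the move into the served directory the single step that publishes the file. The `$_FILES`-style input, the destination directory and the whitelist are assumptions for illustration.

```php
<?php
// Added example, not part of the commit above. Verifies an upload before it is ever
// placed in a web-served directory, so a rejected file never exists there to be raced.
// Assumption: $upload is one $_FILES entry; $ALLOWED_IMAGE_MIMES is an illustrative whitelist.

$ALLOWED_IMAGE_MIMES = ['image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif'];

function store_verified_image(array $upload, string $destDir, array $allowed)
{
    if (!isset($upload['tmp_name'], $upload['error']) || $upload['error'] !== UPLOAD_ERR_OK) {
        return null;
    }
    $tmp = $upload['tmp_name'];

    // Reject anything that was not uploaded in this request (guards against path tricks).
    if (!is_uploaded_file($tmp)) {
        return null;
    }

    // Inspect the file in upload_tmp_dir, which is not served; nothing is published yet.
    $info = @getimagesize($tmp);
    if ($info === false || !isset($allowed[$info['mime']])) {
        // Whitelist miss: leave the file in tmp, PHP removes it when the request ends.
        return null;
    }

    // Choose the name and extension ourselves from the detected type; never trust the client's.
    $dest = rtrim($destDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $allowed[$info['mime']];

    // move_uploaded_file() is the only step that makes the file reachable from the web.
    if (!move_uploaded_file($tmp, $dest)) {
        return null;
    }
    return $dest;
}

// Illustrative call (assumed form field name "company_logo"):
// $saved = store_verified_image($_FILES['company_logo'], '/srv/app/upload/company_logo', $ALLOWED_IMAGE_MIMES);
```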