[Libreoffice-commits] online.git: Branch 'distro/collabora/milestone-7' - loolwsd/LOOLWSD.cpp

Wed Jan 13 07:36:39 PST 2016

loolwsd/LOOLWSD.cpp |   34 +++++++++++++++++++++++++---------
 1 file changed, 25 insertions(+), 9 deletions(-)

New commits:
commit 2532c4d6048f2fea2df3ef2ce09e5df7171b9bcb
Author: Jan Holesovsky <kendy at collabora.com>
Date:   Wed Jan 13 16:35:55 2016 +0100

    loolwsd: More protection when inserting image.

diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp
index 87e1dbe..1043a74 100644
--- a/loolwsd/LOOLWSD.cpp
+++ b/loolwsd/LOOLWSD.cpp
@@ -298,16 +298,32 @@ public:
                 std::string tmpPath;
                 ConvertToPartHandler handler(tmpPath);
                 Poco::Net::HTMLForm form(request, request.stream(), handler);
-                if (form.has("childid") && form.has("name"))
-                {
-                    std::string dirPath = LOOLWSD::childRoot + Path::separator() + form.get("childid") + LOOLSession::jailDocumentURL +
-                        Path::separator() + "insertfile";
-                    File(dirPath).createDirectories();
-                    std::string fileName = dirPath + Path::separator() + form.get("name");
-                    File(tmpPath).moveTo(fileName);
 
-                    response.setStatus(HTTPResponse::HTTP_OK);
-                    response.send();
+                bool goodRequest = form.has("childid") && form.has("name");
+                std::string formName(form.get("name"));
+
+                if (goodRequest && formName.find('/') != std::string::npos)
+                    goodRequest = false;
+
+                if (goodRequest)
+                {
+                    try {
+                        std::cout << Util::logPrefix() << "Perform insertfile: " << form.get("childid") << ", " << form.get("name") << std::endl;
+                        std::string dirPath = LOOLWSD::childRoot + Path::separator() + form.get("childid") + LOOLSession::jailDocumentURL +
+                            Path::separator() + "insertfile";
+                        File(dirPath).createDirectories();
+                        std::string fileName = dirPath + Path::separator() + formName;
+                        File(tmpPath).moveTo(fileName);
+
+                        response.setStatus(HTTPResponse::HTTP_OK);
+                        response.send();
+                    }
+                    catch (const IOException& exc)
+                    {
+                        Application::instance().logger().error(Util::logPrefix() + "IOException: " + exc.message());
+                        response.setStatus(HTTPResponse::HTTP_BAD_REQUEST);
+                        response.send();
+                    }
                 }
                 else
                 {
