[Libreoffice-commits] online.git: Branch 'distro/collabora/milestone-7' - loolwsd/LOOLWSD.cpp
Jan Holesovsky
kendy at collabora.com
Wed Jan 13 07:55:10 PST 2016
loolwsd/LOOLWSD.cpp | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
New commits:
commit 1d2ec09cb8da03f1419391518e2b5aef383c65ce
Author: Jan Holesovsky <kendy at collabora.com>
Date: Wed Jan 13 16:54:19 2016 +0100
loolwsd: More protection when inserting image.
diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp
index 1043a74..c1434e1 100644
--- a/loolwsd/LOOLWSD.cpp
+++ b/loolwsd/LOOLWSD.cpp
@@ -300,16 +300,18 @@ public:
Poco::Net::HTMLForm form(request, request.stream(), handler);
bool goodRequest = form.has("childid") && form.has("name");
+ std::string formChildid(form.get("childid"));
std::string formName(form.get("name"));
- if (goodRequest && formName.find('/') != std::string::npos)
+ // protect against attempts to inject something funny here
+ if (goodRequest && formChildid.find('/') != std::string::npos && formName.find('/') != std::string::npos)
goodRequest = false;
if (goodRequest)
{
try {
- std::cout << Util::logPrefix() << "Perform insertfile: " << form.get("childid") << ", " << form.get("name") << std::endl;
- std::string dirPath = LOOLWSD::childRoot + Path::separator() + form.get("childid") + LOOLSession::jailDocumentURL +
+ std::cout << Util::logPrefix() << "Perform insertfile: " << formChildid << ", " << formName << std::endl;
+ std::string dirPath = LOOLWSD::childRoot + Path::separator() + formChildid + LOOLSession::jailDocumentURL +
Path::separator() + "insertfile";
File(dirPath).createDirectories();
std::string fileName = dirPath + Path::separator() + formName;
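Review bot: The new guard on the `if (goodRequest && formChildid.find('/') ...` line joins the two separator checks with `&&`, so the request is rejected only when both `childid` and `name` contain a `/`; a `name` with a slash and a clean `childid` now passes, which is weaker than the check this commit replaces. The checks should be joined with `||`: `if (goodRequest && (formChildid.find('/') != std::string::npos || formName.find('/') != std::string::npos))`. Because both values are concatenated into `dirPath` and `fileName`, the guard should also reject empty, `.` and `..` values, which contain no slash. Separately, `form.get("childid")` now runs before `goodRequest` is consulted, as `form.get("name")` already did; if Poco's single-argument `get` throws for a missing field, as I believe it does, that happens outside the visible `try`, so `form.get("childid", "")` would be safer. The enclosing handler starts and ends outside this hunk.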