[Libreoffice-commits] online.git: loolwsd/LOOLWSD.cpp
Pranav Kant
pranavk at collabora.co.uk
Thu Jul 21 09:49:18 UTC 2016
loolwsd/LOOLWSD.cpp | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
New commits:
commit f8cc5d3877ff1ba0288d7afe062908ef6265b6b6
Author: Pranav Kant <pranavk at collabora.co.uk>
Date: Thu Jul 21 14:56:26 2016 +0530
loolwsd: security: Sanitize user input in convert-to API
diff --git a/loolwsd/LOOLWSD.cpp b/loolwsd/LOOLWSD.cpp
index 5e01803..49ccb5b 100644
--- a/loolwsd/LOOLWSD.cpp
+++ b/loolwsd/LOOLWSD.cpp
@@ -316,7 +316,10 @@ public:
Path tempPath = Path::forDirectory(TemporaryFile().tempName() + "/");
File(tempPath).createDirectories();
- tempPath.setFileName(params.get("filename"));
+ // Prevent user inputting anything funny here.
+ // A "filename" should always be a filename, not a path
+ const Path filenameParam(params.get("filename"));
+ tempPath.setFileName(filenameParam.getFileName());
_filename = tempPath.toString();
// Copy the stream to _filename.
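Review bot: the result of `filenameParam.getFileName()` is used without checking that it is non-empty, on the new `tempPath.setFileName(...)` line. If the "filename" parameter is empty or ends in a path separator, there is no file name component left, and `_filename` ends up naming the temporary directory itself rather than a file inside it. It is also worth confirming how a bare ".." is handled, since it contains no separator for the path parser to strip. I would reject the request when the extracted name is empty, "." or "..", before calling `setFileName`, and add a test that posts a "filename" containing directory components to show the file lands inside `tempPath`. The comment could also name the concern directly (directory traversal out of the temporary directory) instead of "anything funny".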