summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBrion Vibber <brion@pobox.com>2010-02-01 09:04:13 -0800
committerBrion Vibber <brion@pobox.com>2010-02-01 09:04:13 -0800
commit1625a13b93e1490c3f2a3d6f0dcf2bcaaf4a4c51 (patch)
treec21ba81d34c3db8786e26dc9d87f66b0eda31dbb
parent0787daff2cd3d73ac1a4af2353b35f6199ebff49 (diff)
parent6159edcebbcb1c230113e18788a676035979a4c8 (diff)
Merge remote branch 'statusnet/master' into testing
-rw-r--r--actions/getfile.php2
-rw-r--r--classes/File.php17
2 files changed, 18 insertions, 1 deletions
diff --git a/actions/getfile.php b/actions/getfile.php
index cd327e410..9cbe8e1d9 100644
--- a/actions/getfile.php
+++ b/actions/getfile.php
@@ -71,7 +71,7 @@ class GetfileAction extends Action
$filename = $this->trimmed('filename');
$path = null;
- if ($filename) {
+ if ($filename && File::validFilename($filename)) {
$path = File::path($filename);
}
diff --git a/classes/File.php b/classes/File.php
index c527c4ffe..6dd9e0c06 100644
--- a/classes/File.php
+++ b/classes/File.php
@@ -176,8 +176,22 @@ class File extends Memcached_DataObject
return "$nickname-$datestamp-$random.$ext";
}
+ /**
+ * Validation for as-saved base filenames
+ */
+ static function validFilename($filename)
+ {
+ return preg_match('^/[A-Za-z0-9._-]+$/', $filename);
+ }
+
+ /**
+ * @throws ClientException on invalid filename
+ */
static function path($filename)
{
+ if (!self::validFilename($filename)) {
+ throw new ClientException("Invalid filename");
+ }
$dir = common_config('attachments', 'dir');
if ($dir[strlen($dir)-1] != '/') {
@@ -189,6 +203,9 @@ class File extends Memcached_DataObject
static function url($filename)
{
+ if (!self::validFilename($filename)) {
+ throw new ClientException("Invalid filename");
+ }
if(common_config('site','private')) {
return common_local_url('getfile',