moparisthebest/wallabag
1
0
Fork 0
mirror of https://github.com/moparisthebest/wallabag synced 2024-11-27 11:22:17 -05:00
Code Issues Releases Wiki Activity

Security fix for Download Images

Browse Source
This commit is contained in:
tcit 2014-05-18 22:11:56 +02:00
parent becc5bfbf2
commit 007f26e582
1 changed files with 33 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
inc/poche/pochePictures.php
View File

@ -72,9 +72,39 @@ function download_pictures($absolute_path, $fullpath)
if(file_exists($fullpath)) { if(file_exists($fullpath)) {
unlink($fullpath); unlink($fullpath);
} }
$fp = fopen($fullpath, 'x');
fwrite($fp, $rawdata); // check extension
fclose($fp); $file_ext = strrchr($fullpath, '.');
$whitelist = array(".jpg",".jpeg",".gif",".png");
if (!(in_array($file_ext, $whitelist))) {
Tools::logm('processed image with not allowed extension. Skipping ' . $fullpath);
} else {
// check headers
$imageinfo = getimagesize($absolute_path);
if ($imageinfo['mime'] != 'image/gif' && $imageinfo['mime'] != 'image/jpeg'&& $imageinfo['mime'] != 'image/jpg'&& $imageinfo['mime'] != 'image/png') {
Tools::logm('processed image with bad header. Skipping ' . $fullpath);
} else {
// regenerate image
$im = imagecreatefromstring($rawdata);
if ($im) {
switch ($imageinfo['mime']) {
case 'image/gif':
imagegif($im, $fullpath);
break;
case 'image/jpeg':
case 'image/jpg':
imagejpeg($im, $fullpath); // default quality is 75%
break;
case 'image/png':
imagepng($im, $fullpath);
break;
}
imagedestroy($im);
} else {
Tools::logm('error while regenerating image ' . $fullpath);
}
}
}
} }
/** /**