diff --git a/e107_handlers/media_class.php b/e107_handlers/media_class.php
index a9901fee5..a4903cbdb 100644
--- a/e107_handlers/media_class.php
+++ b/e107_handlers/media_class.php
@@ -2232,6 +2232,7 @@ class e_media
rename("{$filePath}.part", $filePath);
}
+
return $this->processAjaxImport($filePath, $_REQUEST);
}
@@ -2254,6 +2255,13 @@ class e_media
$targetDir = e_IMPORT;
$fileName = basename($filePath);
+
+ if(e107::getFile()->isAllowedType($filePath) !== true)
+ {
+ $this->ajaxUploadLog($filePath, $fileName, filesize($filePath), false, "Unapproved file-type. (".__METHOD__.")");
+ @unlink($filePath);
+ return '{"jsonrpc" : "2.0", "error" : {"code": 120, "message": "Unapproved file-type detected. '.$filePath.'"}, "id" : "id"}';
+ }
if(e107::getFile()->isClean($filePath) !== true)
{
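Review bot: The added return line interpolates `$filePath` into a hand-built JSON string, so a path containing a double quote or backslash produces invalid JSON, and the server-side import directory is echoed back to the uploader in the error message. Build the response with json_encode and report only `$fileName`, which the hunk already computes two lines earlier: `return json_encode(['jsonrpc' => '2.0', 'error' => ['code' => 120, 'message' => 'Unapproved file-type detected. '.$fileName], 'id' => 'id']);`. The `@unlink($filePath)` also hides any failure to remove the rejected upload; checking its return and passing that to ajaxUploadLog would make a file that survives rejection visible in the log. The enclosing method begins and ends outside the hunk.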
diff --git a/e107_tests/tests/_data/mediaTest/vulnerable.png.svg b/e107_tests/tests/_data/mediaTest/vulnerable.png.svg
new file mode 100644
index 000000000..d24c45aab
--- /dev/null
+++ b/e107_tests/tests/_data/mediaTest/vulnerable.png.svg
@@ -0,0 +1,9 @@
+
+
+
+
\ No newline at end of file
diff --git a/e107_tests/tests/unit/e_mediaTest.php b/e107_tests/tests/unit/e_mediaTest.php
index cad661cb9..665b22e67 100644
--- a/e107_tests/tests/unit/e_mediaTest.php
+++ b/e107_tests/tests/unit/e_mediaTest.php
@@ -26,6 +26,15 @@
$this->fail($e->getMessage());
}
+ $filetypesFile = e_SYSTEM."filetypes.xml";
+
+ $content = '
+
+
+ ';
+
+ file_put_contents($filetypesFile, $content);
+
}
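Review bot: The return value of `file_put_contents($filetypesFile, $content)` is ignored, so if e_SYSTEM is not writable the fixture silently leaves whatever filetypes.xml is already there and the refusal test no longer exercises the list written here; `$this->assertNotFalse(file_put_contents($filetypesFile, $content));` fails fast instead. The write also overwrites the installation's filetypes.xml in place; unless a teardown not visible in this hunk restores the previous contents, the test's allow-list persists after the run. The body of `$content` appears empty in this view, so its contents could not be reviewed. The enclosing setup method begins outside the hunk.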
@@ -80,14 +89,41 @@
$json = $this->md->processAjaxImport($file,$var['param']);
$result = json_decode($json, JSON_PRETTY_PRINT);
+
$this->assertNotFalse($result);
-
$this->assertStringEndsWith('/'.basename($var['file']), $result['result']);
-
$this->assertNotEmpty($result['preview']);
}
-
+ $refusalTests = array(
+ 0 => array(
+ 'file' => codecept_data_dir()."mediaTest/vulnerable.png.svg",
+ 'param' => array (
+ 'for' => 'news ',
+ 'w' => '206',
+ 'h' => '190',
+ ),
+ 'error' => 120
+ ),
+ );
+
+ foreach($refusalTests as $index => $var)
+ {
+ $source = $var['file'];
+ $file = e_IMPORT.basename($var['file']);
+ copy($source,$file);
+
+ $json = $this->md->processAjaxImport($file,$var['param']);
+
+ $result = json_decode($json, JSON_PRETTY_PRINT);
+
+ $this->assertNotFalse($result);
+ $this->assertNotEmpty($result['error']);
+ $this->assertNotEmpty($result['error']['code']);
+ $this->assertSame($var['error'], $result['error']['code']);
+ }
+
+
}
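Review bot: `json_decode($json, JSON_PRETTY_PRINT)` in the new refusal loop passes an encoder flag as the `$associative` argument; it yields an array only because the constant happens to be non-zero, and the same pattern already exists in the context line above for the acceptance loop. Write `$result = json_decode($json, true);` so the intent is explicit. The `copy($source, $file)` result is also unchecked, so a missing or unreadable fixture would surface as a confusing failure inside processAjaxImport rather than at the copy; `$this->assertTrue(copy($source, $file));` pins it. The test method begins outside the hunk.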
diff --git a/install.php b/install.php
index fe0b0ca11..c47776e73 100644
--- a/install.php
+++ b/install.php
@@ -1648,7 +1648,7 @@ if($this->pdo == true)
{
$data = '
-
+
';
return file_put_contents($this->e107->e107_dirs['SYSTEM_DIRECTORY']."filetypes.xml",$data);