mirror of
https://github.com/phpbb/phpbb.git
synced 2025-08-08 17:56:52 +02:00
And more new features for reasonable paranoia.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8555 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Henry Sudhof
@@ -117,7 +117,9 @@ class acp_attachments
|
||||
'max_attachments_pm' => array('lang' => 'MAX_ATTACHMENTS_PM', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => false),
|
||||
'secure_downloads' => array('lang' => 'SECURE_DOWNLOADS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
|
||||
'secure_allow_deny' => array('lang' => 'SECURE_ALLOW_DENY', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_allow_deny', 'explain' => true),
|
||||
'secure_allow_empty_referer' => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
|
||||
'secure_allow_empty_referer' => array('lang' => 'SECURE_EMPTY_REFERRER', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
|
||||
'check_attachment_content' => array('lang' => 'CHECK_CONTENT', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
|
||||
|
||||
|
||||
'legend2' => $l_legend_cat_images,
|
||||
'img_display_inlined' => array('lang' => 'DISPLAY_INLINED', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
|
||||
|
||||
@@ -358,6 +358,11 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
|
||||
include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx);
|
||||
$upload = new fileupload();
|
||||
|
||||
if ($config['check_attachment_content'])
|
||||
{
|
||||
$upload->set_disallowed_content(explode('|', $config['mime_triggers']));
|
||||
}
|
||||
|
||||
if (!$local)
|
||||
{
|
||||
$filedata['post_attach'] = ($upload->is_valid($form_name)) ? true : false;
|
||||
|
||||
@@ -228,6 +228,34 @@ class filespec
|
||||
{
|
||||
return @filesize($filename);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Check the first 256 bytes for forbidden content
|
||||
*/
|
||||
function check_content($disallowed_content)
|
||||
{
|
||||
if (empty($disallowed_content))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
$fp = @fopen($this->filename, 'rb');
|
||||
|
||||
if ($fp !== false)
|
||||
{
|
||||
$ie_mime_relevant = fread($fp, 256);
|
||||
fclose($fp);
|
||||
foreach ($disallowed_content as $forbidden)
|
||||
{
|
||||
if (stripos($ie_mime_relevant, '<' . $forbidden) !== false)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Move file to destination folder
|
||||
@@ -427,6 +455,7 @@ class fileerror extends filespec
|
||||
class fileupload
|
||||
{
|
||||
var $allowed_extensions = array();
|
||||
var $disallowed_content = array();
|
||||
var $max_filesize = 0;
|
||||
var $min_width = 0;
|
||||
var $min_height = 0;
|
||||
@@ -446,12 +475,13 @@ class fileupload
|
||||
* @param int $max_height Maximum image height (only checked for images)
|
||||
*
|
||||
*/
|
||||
function fileupload($error_prefix = '', $allowed_extensions = false, $max_filesize = false, $min_width = false, $min_height = false, $max_width = false, $max_height = false)
|
||||
function fileupload($error_prefix = '', $allowed_extensions = false, $max_filesize = false, $min_width = false, $min_height = false, $max_width = false, $max_height = false, $disallowed_content = false)
|
||||
{
|
||||
$this->set_allowed_extensions($allowed_extensions);
|
||||
$this->set_max_filesize($max_filesize);
|
||||
$this->set_allowed_dimensions($min_width, $min_height, $max_width, $max_height);
|
||||
$this->set_error_prefix($error_prefix);
|
||||
$this->set_disallowed_content($disallowed_content);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -463,6 +493,7 @@ class fileupload
|
||||
$this->min_width = $this->min_height = $this->max_width = $this->max_height = 0;
|
||||
$this->error_prefix = '';
|
||||
$this->allowed_extensions = array();
|
||||
$this->disallowed_content = array();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -497,6 +528,17 @@ class fileupload
|
||||
$this->max_filesize = (int) $max_filesize;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Set disallowed strings
|
||||
*/
|
||||
function set_disallowed_content($disallowed_content)
|
||||
{
|
||||
if ($disallowed_content !== false && is_array($disallowed_content))
|
||||
{
|
||||
$this->disallowed_content = $disallowed_content;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Set error prefix
|
||||
@@ -830,6 +872,12 @@ class fileupload
|
||||
{
|
||||
$file->error[] = sprintf($user->lang[$this->error_prefix . 'DISALLOWED_EXTENSION'], $file->get('extension'));
|
||||
}
|
||||
|
||||
// MIME Sniffing
|
||||
if (!$this->valid_content($file))
|
||||
{
|
||||
$file->error[] = sprintf($user->lang[$this->error_prefix . 'DISALLOWED_CONTENT']);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -869,6 +917,15 @@ class fileupload
|
||||
return (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none') ? true : false;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Check for allowed extension
|
||||
*/
|
||||
function valid_content(&$file)
|
||||
{
|
||||
return ($file->check_content($this->disallowed_content));
|
||||
}
|
||||
|
||||
/**
|
||||
* Return image type/extension mapping
|
||||
*/
|
||||
|
||||
@@ -1952,7 +1952,7 @@ function avatar_upload($data, &$error)
|
||||
|
||||
// Init upload class
|
||||
include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx);
|
||||
$upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height']);
|
||||
$upload = new fileupload('AVATAR_', array('jpg', 'jpeg', 'gif', 'png'), $config['avatar_filesize'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], explode('|', $config['mime_triggers']));
|
||||
|
||||
if (!empty($_FILES['uploadfile']['name']))
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user