Protect users against ZIP bombs (fixes FS#22991).

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Lukas Fleischer 2011-02-22 19:46:51 +01:00
parent f961ffd9c7
commit 09d8128f99
2 changed files with 17 additions and 0 deletions


@ -26,6 +26,18 @@ if ($_COOKIE["AURSID"]):
$error = __("Error - No file uploaded");
}
# Check uncompressed file size (ZIP bomb protection)
if (!$error && $MAX_FILESIZE_UNCOMPRESSED) {
$fh = fopen($_FILES['pfile']['tmp_name'], 'rb');
fseek($fh, -4, SEEK_END);
$filesize_uncompressed = end(unpack('V', fread($fh, 4)));
fclose($fh);
if ($filesize_uncompressed > $MAX_FILESIZE_UNCOMPRESSED) {
$error = __("Error - uncompressed file size too large.");
}
}
$uid = uid_from_sid($_COOKIE['AURSID']);
if (!$error) {
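Review bot: The value compared against `$MAX_FILESIZE_UNCOMPRESSED` is the last four bytes of the uploaded file, which the uploader controls, so this check is only an early reject and not a bound on what extraction will actually produce. If the upload is gzip, as the trailer read suggests, that field holds the size modulo 2^32 of the last member only, and on a 32-bit PHP build `unpack('V', ...)` can return a negative number that passes the `>` comparison. The cap should also be enforced where the archive is extracted, which is outside this hunk, by counting the bytes written and aborting once the limit is exceeded. Separately, `fopen()` and the 4-byte `fread()` are unchecked, so an unreadable or shorter-than-4-byte file appears to produce warnings and a falsy size that passes; checking `$fh === false` and `strlen($buf) !== 4` before unpacking, and setting `$error` in that case, would make the check fail closed. The enclosing `if ($_COOKIE["AURSID"]):` block starts and ends outside the hunk.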