You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by ag...@apache.org on 2006/10/26 19:43:56 UTC
svn commit: r468075 -
/incubator/roller/trunk/src/org/apache/roller/ui/authoring/struts/actions/UploadFileFormAction.java
Author: agilliland
Date: Thu Oct 26 10:43:55 2006
New Revision: 468075
URL: http://svn.apache.org/viewvc?view=rev&rev=468075
Log:
fixing a couple bugs in upload form.
1. prevent creating of directories with bad character patterns like "/", "\", and ".."
2. fix NPEs if uploading/deleting a null list of files
Modified:
incubator/roller/trunk/src/org/apache/roller/ui/authoring/struts/actions/UploadFileFormAction.java
Modified: incubator/roller/trunk/src/org/apache/roller/ui/authoring/struts/actions/UploadFileFormAction.java
URL: http://svn.apache.org/viewvc/incubator/roller/trunk/src/org/apache/roller/ui/authoring/struts/actions/UploadFileFormAction.java?view=diff&rev=468075&r1=468074&r2=468075
==============================================================================
--- incubator/roller/trunk/src/org/apache/roller/ui/authoring/struts/actions/UploadFileFormAction.java (original)
+++ incubator/roller/trunk/src/org/apache/roller/ui/authoring/struts/actions/UploadFileFormAction.java Thu Oct 26 10:43:55 2006
@@ -129,8 +129,11 @@
String path = theForm.getPath();
String newDir = theForm.getNewDir();
- if(newDir != null && newDir.trim().length() > 0 &&
- newDir.indexOf("/") == -1 && newDir.indexOf("\\") == -1) {
+ if(newDir != null &&
+ newDir.trim().length() > 0 &&
+ newDir.indexOf("/") == -1 &&
+ newDir.indexOf("\\") == -1 &&
+ newDir.indexOf("..") == -1) {
// figure the new directory path
String newDirPath = newDir;
@@ -199,7 +202,8 @@
FileManager fmgr = RollerFactory.getRoller().getFileManager();
List uploaded = new ArrayList();
- if (theForm.getUploadedFiles().length > 0) {
+ if (theForm.getUploadedFiles() != null &&
+ theForm.getUploadedFiles().length > 0) {
// make sure uploads are enabled
if(!RollerRuntimeConfig.getBooleanProperty("uploads.enabled")) {
@@ -236,10 +240,19 @@
fileName = theForm.getPath() + "/" + fileName;
}
+ // make sure fileName is valid
+ if (fileName.indexOf("/") != -1 ||
+ fileName.indexOf("\\") != -1 ||
+ fileName.indexOf("..") != -1) {
+ errors.add(ActionErrors.GLOBAL_ERROR,
+ new ActionError("uploadFiles.error.badPath", fileName));
+ continue;
+ }
+
try {
fmgr.saveFile(website, fileName,
- files[i].getContentType(),
- files[i].getFileSize(),
+ files[i].getContentType(),
+ files[i].getFileSize(),
files[i].getInputStream());
uploaded.add(fileName);
@@ -311,26 +324,28 @@
int numDeleted = 0;
String[] deleteFiles = theForm.getDeleteFiles();
- for (int i=0; i < deleteFiles.length; i++) {
- if (deleteFiles[i].trim().startsWith("/") ||
- deleteFiles[i].trim().startsWith("\\") ||
- deleteFiles[i].indexOf("..") != -1) {
- // ignore absolute paths, or paths that contiain '..'
- } else {
- try {
- fmgr.deleteFile(website, deleteFiles[i]);
- numDeleted++;
- } catch (FileNotFoundException ex) {
- errors.add(ActionErrors.GLOBAL_ERROR,
- new ActionError("uploadFiles.error.badPath"));
- } catch (FilePathException ex) {
- errors.add(ActionErrors.GLOBAL_ERROR,
- new ActionError("uploadFiles.error.badPath"));
- } catch (FileIOException ex) {
- errors.add(ActionErrors.GLOBAL_ERROR,
- new ActionError("uploadFiles.error.delete", deleteFiles[i]));
+ if(deleteFiles != null) {
+ for (int i=0; i < deleteFiles.length; i++) {
+ if (deleteFiles[i].trim().startsWith("/") ||
+ deleteFiles[i].trim().startsWith("\\") ||
+ deleteFiles[i].indexOf("..") != -1) {
+ // ignore absolute paths, or paths that contiain '..'
+ } else {
+ try {
+ fmgr.deleteFile(website, deleteFiles[i]);
+ numDeleted++;
+ } catch (FileNotFoundException ex) {
+ errors.add(ActionErrors.GLOBAL_ERROR,
+ new ActionError("uploadFiles.error.badPath"));
+ } catch (FilePathException ex) {
+ errors.add(ActionErrors.GLOBAL_ERROR,
+ new ActionError("uploadFiles.error.badPath"));
+ } catch (FileIOException ex) {
+ errors.add(ActionErrors.GLOBAL_ERROR,
+ new ActionError("uploadFiles.error.delete", deleteFiles[i]));
+ }
+
}
-
}
}