author | David Rothstein <drothstein@gmail.com> | 2014-11-03 10:11:56 -0500 |
---|---|---|
committer | David Rothstein <drothstein@gmail.com> | 2014-11-03 10:11:56 -0500 |
commit | c401ec33e847ec2710ef6914625ca63a3e5663b4 (patch) | |
tree | d8d4a4c29f05163ec6b94283199731ed4f39ca43 | |
parent | 0b4c3b17e2209b1804a7b6b5974e5217c3e2a87e (diff) | |
download | brdo-c401ec33e847ec2710ef6914625ca63a3e5663b4.tar.gz brdo-c401ec33e847ec2710ef6914625ca63a3e5663b4.tar.bz2 |
Issue #2112247 by sihv, mitsuroseba, dgroene, aalamaki, Dennis Walgaard, mErilainen: Fixed Valid file extensions in file names are not properly enforced when uploading files with non-lowercase names.
-rw-r--r-- | includes/file.inc | 4 | ||||
-rw-r--r-- | modules/simpletest/tests/file.test | 11 |
2 files changed, 10 insertions, 5 deletions
diff --git a/includes/file.inc b/includes/file.inc
index fb2685659..803661f4d 100644
--- a/includes/file.inc
+++ b/includes/file.inc
@@ -1152,7 +1152,7 @@ function file_munge_filename($filename, $extensions, $alerts = TRUE) {
 // Remove any null bytes. See http://php.net/manual/security.filesystem.nullbytes.php
 $filename = str_replace(chr(0), '', $filename);
- $whitelist = array_unique(explode(' ', trim($extensions)));
+ $whitelist = array_unique(explode(' ', strtolower(trim($extensions))));
 // Split the filename up by periods. The first part becomes the basename
 // the last part the final extension.
@@ -1165,7 +1165,7 @@ function file_munge_filename($filename, $extensions, $alerts = TRUE) {
 // of allowed extensions.
 foreach ($filename_parts as $filename_part) {
 $new_filename .= '.' . $filename_part;
- if (!in_array($filename_part, $whitelist) && preg_match("/^[a-zA-Z]{2,5}\d?$/", $filename_part)) {
+ if (!in_array(strtolower($filename_part), $whitelist) && preg_match("/^[a-zA-Z]{2,5}\d?$/", $filename_part)) {
 $new_filename .= '_';
 }
 }
diff --git a/modules/simpletest/tests/file.test b/modules/simpletest/tests/file.test
index 0e66775a9..b75327f11 100644
--- a/modules/simpletest/tests/file.test
+++ b/modules/simpletest/tests/file.test
@@ -2556,6 +2556,7 @@ class FileNameMungingTest extends FileTestCase {
 parent::setUp();
 $this->bad_extension = 'php';
 $this->name = $this->randomName() . '.' . $this->bad_extension . '.txt';
+ $this->name_with_uc_ext = $this->randomName() . '.' . strtoupper($this->bad_extension) . '.txt';
 }
 /**
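Review bot: The `in_array()` on the changed line of the second file.inc hunk still uses loose comparison in what is a security decision; both operands are now lowercased strings, so passing the strict flag costs nothing and rules out PHP's numeric-string coercion: `if (!in_array(strtolower($filename_part), $whitelist, TRUE) && preg_match("/^[a-zA-Z]{2,5}\d?$/", $filename_part)) {`. The reason for the lowercasing should also be recorded beside the code so it is not later "simplified" away, e.g. `// Compare case-insensitively: a part such as "PHP" must be munged exactly like "php", since servers and file systems commonly match extensions without regard to case.` Note that `strtolower()` is locale-dependent on PHP versions of this era; the regex already limits `$filename_part` to ASCII letters, but the whitelist side has no such limit, so if the site runs under a non-C locale the comparison could still diverge — worth confirming against how the process locale is set elsewhere. The enclosing function `file_munge_filename()` starts and ends outside these hunks, so whether the final extension popped off the name is validated separately cannot be seen here.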
@@ -2593,9 +2594,13 @@ class FileNameMungingTest extends FileTestCase {
 * White listed extensions are ignored by file_munge_filename().
 */
 function testMungeIgnoreWhitelisted() {
- // Declare our extension as whitelisted.
- $munged_name = file_munge_filename($this->name, $this->bad_extension);
- $this->assertIdentical($munged_name, $this->name, format_string('The new filename (%munged) matches the original (%original) once the extension has been whitelisted.', array('%munged' => $munged_name, '%original' => $this->name)));
+ // Declare our extension as whitelisted. The declared extensions should
+ // be case insensitive so test using one with a different case.
+ $munged_name = file_munge_filename($this->name_with_uc_ext, $this->bad_extension);
+ $this->assertIdentical($munged_name, $this->name_with_uc_ext, format_string('The new filename (%munged) matches the original (%original) once the extension has been whitelisted.', array('%munged' => $munged_name, '%original' => $this->name_with_uc_ext)));
+ // The allowed extensions should also be normalized.
+ $munged_name = file_munge_filename($this->name, strtoupper($this->bad_extension));
+ $this->assertIdentical($munged_name, $this->name, format_string('The new filename (%munged) matches the original (%original) also when the whitelisted extension is in uppercase.', array('%munged' => $munged_name, '%original' => $this->name)));
 }
 /** |
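Review bot: The added assertions in testMungeIgnoreWhitelisted() only cover the permissive direction (an uppercase extension is accepted when it is whitelisted), but the defect named in the commit title is the restrictive direction: a non-whitelisted uppercase part such as `.PHP.` must still be munged. Unless a sibling test outside this hunk already exercises `$this->name_with_uc_ext` against a whitelist that excludes `php`, a regression in the `strtolower($filename_part)` side of the fix would go unnoticed. A two-line negative check closes that gap: `$munged_name = file_munge_filename($this->name_with_uc_ext, 'txt');` followed by `$this->assertNotIdentical($munged_name, $this->name_with_uc_ext, 'An uppercase extension that is not whitelisted is still munged.');`. The new fixture `$this->name_with_uc_ext` is defined in the setUp() hunk above and is available here.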