summaryrefslogtreecommitdiffstats
path: root/web/html
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2011-02-22 19:46:51 +0100
committerLukas Fleischer <archlinux@cryptocrack.de>2011-02-23 11:17:27 +0100
commit09d8128f99c2edc27dd81efc63e9b3c797603ca1 (patch)
treee2a29431b1eae9c469415d2f6b9757622c31ca7c /web/html
parentf961ffd9c7f2d3d51d3e3b060990a4fef9e56c1b (diff)
downloadaurweb-09d8128f99c2edc27dd81efc63e9b3c797603ca1.tar.xz
Protect users against ZIP bombs (fixes FS#22991).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/html')
-rw-r--r--web/html/pkgsubmit.php12
1 files changed, 12 insertions, 0 deletions
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php
index df7c467..17e1967 100644
--- a/web/html/pkgsubmit.php
+++ b/web/html/pkgsubmit.php
@@ -26,6 +26,18 @@ if ($_COOKIE["AURSID"]):
$error = __("Error - No file uploaded");
}
+ # Check uncompressed file size (ZIP bomb protection)
+ if (!$error && $MAX_FILESIZE_UNCOMPRESSED) {
+ $fh = fopen($_FILES['pfile']['tmp_name'], 'rb');
+ fseek($fh, -4, SEEK_END);
+ $filesize_uncompressed = end(unpack('V', fread($fh, 4)));
+ fclose($fh);
+
+ if ($filesize_uncompressed > $MAX_FILESIZE_UNCOMPRESSED) {
+ $error = __("Error - uncompressed file size too large.");
+ }
+ }
+
$uid = uid_from_sid($_COOKIE['AURSID']);
if (!$error) {