localhorst/e-commerce
Archived
4
1
Fork 0
Code Issues Pull Requests Releases 2 Wiki Activity

[HOTFIX] Prevent path directory traversal attack for deploy

Browse Source
This commit is contained in:
CodeSteak 2020-06-14 15:54:56 +02:00
parent 76550be9e7
commit 15616e05f3
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
prototype/src/main/java/org/hso/ecommerce/controller/shop/ShopArticleController.java
View File

@ -16,6 +16,7 @@ import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
import java.io.File;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
@ -102,9 +103,14 @@ public class ShopArticleController {
Article article = articleRepository.findArticleById(id); Article article = articleRepository.findArticleById(id);
if(article.image != null) { if(article.image != null) {
InputStream in = new FileInputStream(article.image.path); File file = new File(article.image.path);
response.setContentType(MediaType.IMAGE_JPEG_VALUE); if (file.getCanonicalPath().startsWith("./data/img/")) {
IOUtils.copy(in, response.getOutputStream()); InputStream in = new FileInputStream(file);
response.setContentType(MediaType.IMAGE_JPEG_VALUE);
IOUtils.copy(in, response.getOutputStream());
} else {
throw new RuntimeException("Got illegal file path. DB was modified.");
}
} }
} }
} }