Feodor2
/
Mypal
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[network/dom] Improve sanitization of download filenames.

master
Fedor 2020-08-12 09:53:06 +03:00
parent f1bb542101
commit a57cdde4f1
4 changed files with 26 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
dom/base/nsContentUtils.cpp
View File

@ -5123,6 +5123,14 @@ nsContentUtils::TriggerLink(nsIContent *aContent, nsPresContext *aPresContext,
fileName.SetIsVoid(true); // No actionable download attribute was found.
}
// Sanitize fileNames containing control characters by replacing them with
// underscores.
if (!fileName.IsVoid()) {
for (int i = 0; i < 32; i++) {
fileName.ReplaceChar(char16_t(i), '_');
}
}
handler->OnLinkClick(aContent, aLinkURI,
fileName.IsVoid() ? aTargetSpec.get() : EmptyString().get(),
fileName, nullptr, nullptr, aIsTrusted, aContent->NodePrincipal());

6
netwerk/base/nsBaseChannel.cpp
View File

@ -579,6 +579,12 @@ NS_IMETHODIMP
nsBaseChannel::SetContentDispositionFilename(const nsAString &aContentDispositionFilename)
{
mContentDispositionFilename = new nsString(aContentDispositionFilename);
// For safety reasons ensure the filename doesn't contain null characters and
// replace them with underscores. We may later pass the extension to system
// MIME APIs that expect null terminated strings.
mContentDispositionFilename->ReplaceChar(char16_t(0), '_');
return NS_OK;
}

6
netwerk/protocol/http/HttpBaseChannel.cpp
View File

@ -562,6 +562,12 @@ NS_IMETHODIMP
HttpBaseChannel::SetContentDispositionFilename(const nsAString& aContentDispositionFilename)
{
mContentDispositionFilename = new nsString(aContentDispositionFilename);
// For safety reasons ensure the filename doesn't contain null characters and
// replace them with underscores. We may later pass the extension to system
// MIME APIs that expect null terminated strings.
mContentDispositionFilename->ReplaceChar(char16_t(0), '_');
return NS_OK;
}

9
uriloader/exthandler/nsExternalHelperAppService.cpp
View File

@ -1218,9 +1218,12 @@ nsExternalAppHandler::nsExternalAppHandler(nsIMIMEInfo * aMIMEInfo,
mTempFileExtension = char16_t('.');
AppendUTF8toUTF16(aTempFileExtension, mTempFileExtension);
// replace platform specific path separator and illegal characters to avoid any confusion
mSuggestedFileName.ReplaceChar(KNOWN_PATH_SEPARATORS FILE_ILLEGAL_CHARACTERS, '_');
mTempFileExtension.ReplaceChar(KNOWN_PATH_SEPARATORS FILE_ILLEGAL_CHARACTERS, '_');
// Replace platform specific path separator and illegal characters to avoid any confusion
mSuggestedFileName.ReplaceChar(KNOWN_PATH_SEPARATORS, '_');
mSuggestedFileName.ReplaceChar(FILE_ILLEGAL_CHARACTERS, ' ');
mSuggestedFileName.ReplaceChar(char16_t(0), '_');
mTempFileExtension.ReplaceChar(KNOWN_PATH_SEPARATORS, '_');
mTempFileExtension.ReplaceChar(FILE_ILLEGAL_CHARACTERS, ' ');
// Remove unsafe bidi characters which might have spoofing implications (bug 511521).
const char16_t unsafeBidiCharacters[] = {