buzzert/Kordophone
Private
Public Access
1
0
Fork 0
Code Packages Activity

uploadAttachment: [Security] sanitize incoming filename

Browse Source
This commit is contained in:
James Magahern
2024-03-29 17:08:04 -07:00
parent b7312bccb9
commit 030e86e205
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
kordophone/Bridge/Operations/MBIMUploadAttachmentOperation.m
View File

@@ -38,7 +38,14 @@
break;
}
NSString *localPath = [NSTemporaryDirectory() stringByAppendingPathComponent:filename];
// Sanitize filename
NSCharacterSet *dotCharacter = [NSCharacterSet characterSetWithCharactersInString:@"."];
NSCharacterSet *illegalFileNameCharacters = [NSCharacterSet characterSetWithCharactersInString:@"/\\?%*|\"<>"];
NSString *sanitizedFilename = [[[filename componentsSeparatedByCharactersInSet:illegalFileNameCharacters]
componentsJoinedByString:@"-"]
stringByTrimmingCharactersInSet:dotCharacter];
NSString *localPath = [NSTemporaryDirectory() stringByAppendingPathComponent:sanitizedFilename];
NSURL *localURL = [NSURL fileURLWithPath:localPath];
BOOL success = [attachmentData writeToURL:localURL atomically:NO];
if (!success) {