nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2026-01-06 11:43:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Change the fax file name to md5 to avoid characters that present a security risk.

Browse Source
This commit is contained in:
FusionPBX
2021-11-03 15:30:01 -06:00
committed by GitHub
parent 57b7bf0d6b
commit 487afc371e
1 changed files with 4 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
app/fax/fax_send.php
View File

@@ -351,28 +351,10 @@ if (!function_exists('fax_split_dtmf')) {
$disallowed_file_extensions = explode(',','sh,ssh,so,dll,exe,bat,vbs,zip,rar,z,tar,tbz,tgz,gz'); $disallowed_file_extensions = explode(',','sh,ssh,so,dll,exe,bat,vbs,zip,rar,z,tar,tbz,tgz,gz');
if (in_array($fax_file_extension, $disallowed_file_extensions) || $fax_file_extension == '') { continue; } if (in_array($fax_file_extension, $disallowed_file_extensions) || $fax_file_extension == '') { continue; }
$fax_name = $_files['name'][$index]; //use a safe file name
$fax_name = preg_replace('/\\.[^.\\s]{3,4}$/', '', $fax_name); $fax_name = md5($_files['name'][$index]);
$fax_name = str_replace(" ", "_", $fax_name);
//lua doesn't seem to like special chars with env:GetHeader
$fax_name = str_replace(";", "_", $fax_name);
$fax_name = str_replace(",", "_", $fax_name);
$fax_name = str_replace("'", "_", $fax_name);
$fax_name = str_replace("!", "_", $fax_name);
$fax_name = str_replace("@", "_", $fax_name);
$fax_name = str_replace("#", "_", $fax_name);
$fax_name = str_replace("$", "_", $fax_name);
$fax_name = str_replace("%", "_", $fax_name);
$fax_name = str_replace("^", "_", $fax_name);
$fax_name = str_replace("`", "_", $fax_name);
$fax_name = str_replace("~", "_", $fax_name);
$fax_name = str_replace("&", "_", $fax_name);
$fax_name = str_replace("(", "_", $fax_name);
$fax_name = str_replace(")", "_", $fax_name);
$fax_name = str_replace("+", "_", $fax_name);
$fax_name = str_replace("=", "_", $fax_name);
//rename the file
$attachment_file_name = $_files['name'][$index]; $attachment_file_name = $_files['name'][$index];
if ($attachment_file_name != $fax_name.'.'.$fax_file_extension) { if ($attachment_file_name != $fax_name.'.'.$fax_file_extension) {
rename($dir_fax_temp.'/'.$attachment_file_name, $dir_fax_temp.'/'.$fax_name.'.'.$fax_file_extension); rename($dir_fax_temp.'/'.$attachment_file_name, $dir_fax_temp.'/'.$fax_name.'.'.$fax_file_extension);
@@ -382,7 +364,7 @@ if (!function_exists('fax_split_dtmf')) {
if (!$included) { if (!$included) {
//check if directory exists //check if directory exists
if (!is_dir($dir_fax_temp)) { if (!is_dir($dir_fax_temp)) {
event_socket_mkdir($dir_fax_temp); mkdir($dir_fax_temp, 0770);
} }
//move uploaded file //move uploaded file
move_uploaded_file($_files['tmp_name'][$index], $dir_fax_temp.'/'.$fax_name.'.'.$fax_file_extension); move_uploaded_file($_files['tmp_name'][$index], $dir_fax_temp.'/'.$fax_name.'.'.$fax_file_extension);