From 6e83effb45a08685b87a6dfd80731f65879f0367 Mon Sep 17 00:00:00 2001
From: David Christofas
Date: Wed, 8 Feb 2023 16:05:38 +0100
Subject: [PATCH] add simple filetype validator for the logo upload
---
 services/web/pkg/service/v0/branding.go | 28 +++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)
diff --git a/services/web/pkg/service/v0/branding.go b/services/web/pkg/service/v0/branding.go
index 0201487ea..2ebe6bf5e 100644
--- a/services/web/pkg/service/v0/branding.go
+++ b/services/web/pkg/service/v0/branding.go
@@ -5,12 +5,19 @@ import (
 "errors"
 "io"
 "net/http"
+ "path"
 "path/filepath"
 )
 var (
- errInvalidThemeConfig = errors.New("invalid themes config")
- _themesConfigPath = filepath.FromSlash("themes/owncloud/theme.json")
+ errInvalidThemeConfig = errors.New("invalid themes config")
+ _themesConfigPath = filepath.FromSlash("themes/owncloud/theme.json")
+ _allowedExtensionMediatypes = map[string]string{
+ ".jpg": "image/jpeg",
+ ".jpeg": "image/jpeg",
+ ".png": "image/png",
+ ".gif": "image/gif",
+ }
 )
 // UploadLogo implements the endpoint to upload a custom logo for the oCIS instance.
@@ -25,6 +32,12 @@ func (p Web) UploadLogo(w http.ResponseWriter, r *http.Request) {
 }
 defer file.Close()
+ mediatype := fileHeader.Header.Get("Content-Type")
+ if !allowedFiletype(fileHeader.Filename, mediatype) {
+ w.WriteHeader(http.StatusBadRequest)
+ return
+ }
+
 fp := filepath.Join("branding", filepath.Join("/", fileHeader.Filename))
 err = p.storeAsset(fp, file)
 if err != nil {
@@ -57,6 +70,9 @@ func (p Web) updateLogoThemeConfig(logoPath string) error {
 if err == nil {
 defer f.Close()
 }
+
+ // This decoding of the themes.json file is not optimal. If we need to decode it for other
+ // usecases as well we should consider decoding to a struct.
 var m map[string]interface{}
 _ = json.NewDecoder(f).Decode(&m)
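Review bot: The new gate in UploadLogo compares two values the uploader controls — the multipart part's Content-Type header and the filename extension — and never looks at the bytes, so any payload whose declared pair is consistent is stored under the branding path as an image. The three accepted types (image/jpeg, image/png, image/gif) are exactly the strings http.DetectContentType returns from the first 512 bytes, so the declared type can be cross-checked against the content before storeAsset; if file comes from r.FormFile it is a multipart.File and the sniffed prefix can be rewound with Seek (otherwise prepend it again with io.MultiReader). allowedFiletype in the last hunk would keep its role as the extension/declared-type check, and io, errors and net/http are already imported. UploadLogo begins before this hunk and continues after it.
```go
	mediatype := fileHeader.Header.Get("Content-Type")
	if !allowedFiletype(fileHeader.Filename, mediatype) {
		w.WriteHeader(http.StatusBadRequest)
		return
	}

	// Cross-check the declared type against the actual content: DetectContentType
	// inspects at most the first 512 bytes and yields the same strings as the map.
	head := make([]byte, 512)
	n, err := io.ReadFull(file, head)
	if err != nil && !errors.Is(err, io.EOF) && !errors.Is(err, io.ErrUnexpectedEOF) {
		w.WriteHeader(http.StatusBadRequest)
		return
	}
	if http.DetectContentType(head[:n]) != mediatype {
		w.WriteHeader(http.StatusBadRequest)
		return
	}
	// Rewind so storeAsset writes the whole file, not just the remainder.
	if _, err = file.Seek(0, io.SeekStart); err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	// … unchanged: fp := filepath.Join(...) and the storeAsset call …
```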
@@ -98,3 +114,11 @@ func (p Web) updateLogoThemeConfig(logoPath string) error {
 return json.NewEncoder(dst).Encode(m)
 }
+
+func allowedFiletype(filename, mediatype string) bool {
+ ext := path.Ext(filename)
+
+ // Check if we allow that extension and if the mediatype matches the extension
+ mt, ok := _allowedExtensionMediatypes[ext]
+ return ok && mt == mediatype
+}
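Review bot: allowedFiletype has no doc comment, and its exact-match semantics are not obvious from the inline comment: path.Ext is case-sensitive, so `logo.PNG` is rejected while `logo.png` passes, and a Content-Type carrying parameters (`image/png; charset=binary`) never equals the map value. If that strictness is intended, document it: `// allowedFiletype reports whether filename's extension is listed in _allowedExtensionMediatypes and mediatype equals the listed type exactly; the comparison is case-sensitive and does not strip media-type parameters, so "logo.PNG" and parameterised types are rejected.` If it is not, looking the extension up as `_allowedExtensionMediatypes[strings.ToLower(ext)]` and running the header through mime.ParseMediaType before comparing would make the gate accept what browsers commonly send; both need their imports added to the import block in the first hunk.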