Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitca0c52a

Browse files
asridharanYanshu Zhao
authored and
Yanshu Zhao
committed
Fixed the handling of "filename" and "filename*" attribute in Content… (microsoft#40)
* Fixed the handling of "filename" and "filename*" attribute in Content-Disposition header.This fix allows "filename" and "filename*" to be part of the same Content-Disposition header. When both attributes are present "filename*" always takes precedence.* Added checks to validate quotes in RFC 5987 formatted filename attributes. Also, added checks to make behavior consistent when we have duplicate filename attributes for ASCII fromatted attributes and RFC 5987 formatted attributes.
1 parent7d8ec60 commitca0c52a

File tree

2 files changed

+41
-13
lines changed

2 files changed

+41
-13
lines changed

‎apache2/msc_multipart.c‎

Lines changed: 38 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -94,8 +94,9 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
9494
if (*p!=';')return-2;
9595
p++;
9696

97-
/* parse the appended parts */
97+
intfilenamePresent=0;
9898

99+
/* parse the appended parts */
99100
while(*p!='\0') {
100101
char*name=NULL,*value=NULL,*start=NULL;
101102

@@ -205,6 +206,9 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
205206

206207
if (strcmp(name,"filename*")==0)
207208
{
209+
// Make sure to turn of INVALID quoting since RFC 5987 expects quotes in the filename format.
210+
msr->mpd->flag_invalid_quoting=0;
211+
208212
decoded_filename=rfc5987_decode(msr->mp,value);
209213
if (!decoded_filename)
210214
{
@@ -214,23 +218,44 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
214218
}
215219
msr->multipart_filename=decoded_filename;
216220

217-
// Make sure to turn of INVALID quoting since RFC 5987 expects quotes in the filename format.
218-
msr->mpd->flag_invalid_quoting=0;
221+
222+
if (msr->mpd->mpp->filenameext!=NULL) {
223+
msr_log(msr,4,"Multipart: Warning: Duplicate Content-Disposition filename*: %s",
224+
log_escape_nq(msr->mp,decoded_filename));
225+
return-17;
226+
}
227+
228+
msr->mpd->mpp->filenameext=apr_pstrdup(msr->mp,decoded_filename);
229+
230+
// The `filename*` RCF 5987 encoded filename always overrides the `filename` parameter in content-disposition header.
231+
msr->mpd->mpp->filename=msr->mpd->mpp->filenameext;
232+
233+
// Re-run the validation check on the filename. We shouldn't be seeing quotes in the UTF-8 formatted filename either.
234+
validate_quotes(msr,msr->mpd->mpp->filename);
219235
}
220236
else
221237
{
222-
decoded_filename=value;
223-
validate_quotes(msr,value);
224-
msr->multipart_filename=apr_pstrdup(msr->mp,decoded_filename);
225-
}
238+
// Process the `filename` attribute in the content-disposition header only if `filename*` does not exist.
239+
filenamePresent++;
240+
if (filenamePresent>1)
241+
{
242+
// Duplicate `filename` attributes are not allowed.
243+
msr_log(msr,4,"Multipart: Warning: Duplicate Content-Disposition filename: %s",
244+
log_escape_nq(msr->mp,decoded_filename));
245+
return-15;
246+
}
226247

227-
if (msr->mpd->mpp->filename!=NULL)
228-
{
229-
msr_log(msr,4,"Multipart: Warning: Duplicate Content-Disposition filename: %s",
230-
log_escape_nq(msr->mp,decoded_filename));
231-
return-15;
248+
if (msr->mpd->mpp->filenameext==NULL)
249+
{
250+
// "name == 'filename'"
251+
decoded_filename=value;
252+
validate_quotes(msr,value);
253+
msr->multipart_filename=apr_pstrdup(msr->mp,decoded_filename);
254+
msr->mpd->mpp->filename=decoded_filename;
255+
}
232256
}
233-
msr->mpd->mpp->filename=decoded_filename;
257+
258+
234259

235260
if (msr->txcfg->debuglog_level >=9)
236261
{

‎apache2/msc_multipart.h‎

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,9 @@ struct multipart_part {
5353
/* files only, filename as supplied by the browser */
5454
char*filename;
5555

56+
/* files only, filename as supplied by the browser in RFC 5987 format */
57+
char*filenameext;
58+
5659
char*last_header_name;
5760
apr_table_t*headers;
5861

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp