LailaTheElf/hedgedoc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Always save uploads to a tmpdir first and cleanup afterwards

Browse Source 
This makes sure no unintended files are permanently saved.

Co-authored-by: Yannick Bungers <git@innay.de>
Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
David Mehren 2020-12-27 15:52:26 +01:00
parent cf4344d9e0
commit 6932cc4df7
No known key found for this signature in database
GPG Key ID: 185982BA4C42B7C3
3 changed files with 26 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/web/imageRouter/filesystem.js
View File

@ -1,6 +1,7 @@
'use strict' 'use strict'
const URL = require('url').URL const URL = require('url').URL
const path = require('path') const path = require('path')
const fs = require('fs')
const config = require('../../config') const config = require('../../config')
const logger = require('../../logger') const logger = require('../../logger')
@ -16,5 +17,13 @@ exports.uploadImage = function (imagePath, callback) {
return return
} }
callback(null, (new URL(path.basename(imagePath), config.serverURL + '/uploads/')).href) const fileName = path.basename(imagePath)
// move image from temporary path to upload directory
try {
fs.copyFileSync(imagePath, path.join(config.uploadsPath, fileName))
} catch (e) {
callback(new Error('Error while moving file'), null)
return
}
callback(null, (new URL(fileName, config.serverURL + '/uploads/')).href)
} }

24
lib/web/imageRouter/index.js
View File

@ -4,6 +4,9 @@ const Router = require('express').Router
const formidable = require('formidable') const formidable = require('formidable')
const path = require('path') const path = require('path')
const FileType = require('file-type') const FileType = require('file-type')
const fs = require('fs')
const os = require('os')
const rimraf = require('rimraf')
const config = require('../../config') const config = require('../../config')
const logger = require('../../logger') const logger = require('../../logger')
@ -30,25 +33,27 @@ async function checkUploadType (filePath) {
// upload image // upload image
imageRouter.post('/uploadimage', function (req, res) { imageRouter.post('/uploadimage', function (req, res) {
var form = new formidable.IncomingForm() if (!req.isAuthenticated() && !config.allowAnonymous && !config.allowAnonymousEdits) {
logger.error(`Image upload error: Anonymous edits and therefore uploads are not allowed)`)
form.keepExtensions = true return errors.errorForbidden(res)
if (config.imageUploadType === 'filesystem') {
form.uploadDir = config.uploadsPath
} }
var form = new formidable.IncomingForm()
form.keepExtensions = true
const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'hedgedoc-'))
form.uploadDir = tmpDir
form.parse(req, async function (err, fields, files) { form.parse(req, async function (err, fields, files) {
if (err) { if (err) {
logger.error(`Image upload error: formidable error: ${err}`) logger.error(`Image upload error: formidable error: ${err}`)
return errors.errorForbidden(res) rimraf(tmpDir)
} else if (!req.isAuthenticated() && !config.allowAnonymous && !config.allowAnonymousEdits) {
logger.error(`Image upload error: Anonymous edits and therefore uploads are not allowed)`)
return errors.errorForbidden(res) return errors.errorForbidden(res)
} else if (!files.image || !files.image.path) { } else if (!files.image || !files.image.path) {
logger.error(`Image upload error: Upload didn't contain file)`) logger.error(`Image upload error: Upload didn't contain file)`)
rimraf.sync(tmpDir)
return errors.errorBadRequest(res) return errors.errorBadRequest(res)
} else if (!await checkUploadType(files.image.path)) { } else if (!await checkUploadType(files.image.path)) {
rimraf.sync(tmpDir)
return errors.errorBadRequest(res) return errors.errorBadRequest(res)
} else { } else {
logger.debug(`SERVER received uploadimage: ${JSON.stringify(files.image)}`) logger.debug(`SERVER received uploadimage: ${JSON.stringify(files.image)}`)
@ -56,6 +61,7 @@ imageRouter.post('/uploadimage', function (req, res) {
const uploadProvider = require('./' + config.imageUploadType) const uploadProvider = require('./' + config.imageUploadType)
logger.debug(`imageRouter: Uploading ${files.image.path} using ${config.imageUploadType}`) logger.debug(`imageRouter: Uploading ${files.image.path} using ${config.imageUploadType}`)
uploadProvider.uploadImage(files.image.path, function (err, url) { uploadProvider.uploadImage(files.image.path, function (err, url) {
rimraf.sync(tmpDir)
if (err !== null) { if (err !== null) {
logger.error(err) logger.error(err)
return res.status(500).end('upload image error') return res.status(500).end('upload image error')

1
package.json
View File

@ -112,6 +112,7 @@
"readline-sync": "^1.4.7", "readline-sync": "^1.4.7",
"request": "^2.88.0", "request": "^2.88.0",
"reveal.js": "^3.9.2", "reveal.js": "^3.9.2",
"rimraf": "^3.0.2",
"scrypt-async": "^2.0.1", "scrypt-async": "^2.0.1",
"scrypt-kdf": "^2.0.1", "scrypt-kdf": "^2.0.1",
"select2": "^3.5.2-browserify", "select2": "^3.5.2-browserify",