Commit 9a37bd1

Merge pull request #260 from tree-chtsec/master
Fixed security issues
2 parents 43d25d8 + 9a8a7e3 commit 9a37bd1


3 files changed

+7
-2
lines changed


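--- a/BlogEngine/BlogEngine.Core/Data/UsersRepository.cs
+++ b/BlogEngine/BlogEngine.Core/Data/UsersRepository.cs
@@ -98,6 +98,9 @@ public BlogUser Add(BlogUser user)
 if (!Security.IsAuthorizedTo(Rights.CreateNewUsers))
 throw new UnauthorizedAccessException();
 
+if (user.UserName.Contains("/") || user.UserName.Contains(@"\"))
+throw new ApplicationException("Error adding new user; Invalid character detected in UserName");
+
 // create user
 var usr = Membership.CreateUser(user.UserName, user.Password, user.Email);
 if (usr == null)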
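Review bot: The guard added at line 101 rejects only the two path separators, while the UserName it protects is later used as a file-name component (the UploadController hunk in this same commit appends it to a MapPath argument), so `.`, `..`, an empty or whitespace-only name, and the remaining characters in `Path.GetInvalidFileNameChars()` still pass, and a null UserName throws NullReferenceException here instead of the intended message. A stricter check in the same place would be `if (string.IsNullOrWhiteSpace(user.UserName) || user.UserName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0 || user.UserName == "." || user.UserName == "..")` kept alongside the existing separator test (needs `System.IO` in scope). `ApplicationException` is also the wrong type for rejected input; `ArgumentException` with `nameof(user)` is the conventional choice. Since the identical two-character test is duplicated in UploadController.cs in this commit, a single shared validator would keep the two from drifting. Add's body continues past the hunk.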

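--- a/BlogEngine/BlogEngine.Core/Providers/FileSystemProviders/XmlFileSystemProvider.cs
+++ b/BlogEngine/BlogEngine.Core/Providers/FileSystemProviders/XmlFileSystemProvider.cs
@@ -28,7 +28,7 @@ private static string BlogAbsolutePath(string VirtualPath)
 private static string RelativeFilePath(string VirtualPath)
 {
 VirtualPath = VirtualPath.Replace("//","/").Trim();
-if (VirtualPath.ToLower().Contains(FileContainerRoot.ToLower()))
+if (VirtualPath.ToLower().Contains(FileContainerRoot.ToLower()+"/")||VirtualPath.ToLower()==FileContainerRoot.ToLower())
 return VirtualPath;
 
 // ex: Oct 18 2012, added this to handle the case on the File Manager where if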
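Review bot: The rewritten condition at line 31 still uses `Contains`, so a path that merely has the container root followed by a slash somewhere in its middle is returned unchanged as though it were already rooted; if the intent is "already under FileContainerRoot", `StartsWith` states that directly: `if (VirtualPath.StartsWith(FileContainerRoot + "/", StringComparison.OrdinalIgnoreCase) || string.Equals(VirtualPath, FileContainerRoot, StringComparison.OrdinalIgnoreCase))`. That form also drops the two `ToLower()` calls, which are culture-sensitive (CA1304/CA1308) and can mis-compare under some locales. Note as well that the single `Replace("//","/")` on line 30 is not idempotent (three consecutive slashes become two), and nothing in this hunk normalizes `..` segments, so the early return cannot by itself guarantee the result stays inside the root; the rest of RelativeFilePath lies outside the hunk and may cover that.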

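--- a/BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs
+++ b/BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs
@@ -64,6 +64,8 @@ public HttpResponseMessage Post(string action, string dirPath = "")
 dir = BlogService.GetDirectory("/avatars");
 var dot = fileName.LastIndexOf(".");
 var ext = dot > 0 ? fileName.Substring(dot) : "";
+if (User.Identity.Name.Contains("/") || User.Identity.Name.Contains(@"\"))
+throw new ApplicationException("Invalid character detected in UserName");
 var profileFileName = User.Identity.Name + ext;
 
 var imgPath = HttpContext.Current.Server.MapPath(dir.FullPath + "/" + profileFileName);
@@ -157,4 +159,4 @@ private void UploadVideo(string virtualFolder, HttpPostedFile file, string fileN
 }
 
 #endregion
-}
+}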
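Review bot: The check added at lines 67-68 validates `User.Identity.Name` but not `ext`, which is sliced verbatim from `fileName` on lines 65-66 and flows into the same `MapPath` argument on line 71; `fileName` appears to come from the upload request (it is assigned above the hunk), so the suffix after its last dot deserves at least the same separator check, and for an avatar an allow-list is the stronger shape, e.g. `if (!new[] { ".png", ".jpg", ".jpeg", ".gif" }.Contains(ext, StringComparer.OrdinalIgnoreCase)) throw new ArgumentException("Unsupported avatar file type", nameof(fileName));` (needs `System.Linq`; adjust the list to what the avatar feature actually accepts). `LastIndexOf(".")` on line 65 should also pass `StringComparison.Ordinal`, and the two-character user-name test now duplicated in UsersRepository.cs belongs in one shared helper. The second hunk only re-adds the closing brace and looks like a line-ending change. Post begins above the hunk.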
