From 4cf31d8850c7df4d53a2bc56e6832bbe11388d13 Mon Sep 17 00:00:00 2001
From: shadlaws <shad@shadlaws.com>
Date: Tue, 29 Jan 2013 18:48:39 +0100
Subject: #1970 - Make add watermarks more secure and add unit tests. This
 follows #1855 and #1951... - Ensured that invalid or illegal files are not
 added even if they have valid extensions. - Added unit tests (currently there
 aren't any...)

---
 modules/watermark/controllers/admin_watermarks.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'modules/watermark/controllers')

diff --git a/modules/watermark/controllers/admin_watermarks.php b/modules/watermark/controllers/admin_watermarks.php
index 14c2b394..1cc0c392 100644
--- a/modules/watermark/controllers/admin_watermarks.php
+++ b/modules/watermark/controllers/admin_watermarks.php
@@ -93,7 +93,9 @@ class Admin_Watermarks_Controller extends Admin_Controller {
     access::verify_csrf();
 
     $form = watermark::get_add_form();
-    if ($form->validate()) {
+    // For TEST_MODE, we want to simulate a file upload.  Because this is not a true upload, Forge's
+    // validation logic will correctly reject it.  So, we skip validation when we're running tests.
+    if (TEST_MODE || $form->validate()) {
       $file = $_POST["file"];
       $pathinfo = pathinfo($file);
       // Forge prefixes files with "uploadfile-xxxxxxx" for uniqueness
@@ -101,7 +103,8 @@ class Admin_Watermarks_Controller extends Admin_Controller {
       $name = legal_file::smash_extensions($name);
 
       list ($width, $height, $mime_type, $extension) = photo::get_file_metadata($file);
-      if (!legal_file::get_photo_extensions($extension)) {
+      if (!$width || !$height || !$mime_type || !$extension ||
+          !in_array($extension, legal_file::get_photo_extensions())) {
         message::error(t("Invalid or unidentifiable image file"));
         @unlink($file);
         return;
-- 
cgit v1.2.3