diff options
-rw-r--r-- | web/html/pkgsubmit.php | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index edffbfa1..72ada9d2 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -26,18 +26,32 @@ if ($_COOKIE["AURSID"]): $error = __("Error - No file uploaded"); } + # Check whether the file is gzip'ed + if (!$error) { + $fh = fopen($_FILES['pfile']['tmp_name'], 'rb'); + fseek($fh, 0, SEEK_SET); + $magic = end(unpack('v', fread($fh, 2))); + + if ($magic != 0x8b1f) { + $error = __("Error - unsupported file format (please submit gzip'ed tarballs generated by makepkg(8) only)."); + } + } + # Check uncompressed file size (ZIP bomb protection) if (!$error && $MAX_FILESIZE_UNCOMPRESSED) { - $fh = fopen($_FILES['pfile']['tmp_name'], 'rb'); fseek($fh, -4, SEEK_END); $filesize_uncompressed = end(unpack('V', fread($fh, 4))); - fclose($fh); if ($filesize_uncompressed > $MAX_FILESIZE_UNCOMPRESSED) { $error = __("Error - uncompressed file size too large."); } } + # Close file handle before extracting stuff + if (is_resource($fh)) { + fclose($fh); + } + $uid = uid_from_sid($_COOKIE['AURSID']); if (!$error) { |