The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
Article Feedback - ZFS: Resizing your zpool
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 Security issues with this script
Author: C Morris 
Date:   17-01-03 19:42

It seems to me there are 2 issues with this script:

1) The size of the uploaded file is checked _after_ the upload has been done. If it is too large it is removed. However, by this time the file has already been written to disk. The ramifications here are significant.

For example:

WWW partition size = 500M

User uploads a 5GB file. Since the file size is checked _after_ the upload the available disk space on the www partition has been filled. Potential server crash.

2) No maximum specified on number of files that can be uploaded.
Similar to the previous issue.

For example:

www partition size = 500M

User Upload 10 x 100M files. Same result as issue 1.

These issues are not insurmountable but they should be taken into consideration by anyone who plans to post this script to their www server. Beware of blindly adding 3rd party scripts to your http server.

Reply To This Message
 Re: Security issues with this script
Author: Russ 
Date:   21-06-10 07:45

I haven't tested it, but I think this would correct that and still display the correct message.
I will test this and update.

At line 279:

while ($Bytes = read($File_Handle,$Buffer,1024)) {
$BytesRead += $Bytes;
print OUTFILE $Buffer;
if ($BytesRead > $MAXIMUM_UPLOAD && $MAXIMUM_UPLOAD > 0) {

That didn't work, oops...
Hopefully I'll be back.

Post Edited (22-06-10 10:32)

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 

 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Remember my login:
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum