Jump to content

[Bug] In Invisionboard v 2.1.1 (and most propably before)


Guest Vir@s

Recommended Posts

Posted

Hi!

I'm not 100% sure if this is the correct forum to post or not - but if not feel free to move it :).

I got version 2.1.1 and had the problem that uploading of files is not possible if open_basedir restriction is running.

I isolated the problem - here is it (taken from class_upload.php, starting with line 363):

if ( $this->image_check )

{

	$img_attributes = @getimagesize( $_FILES[ $this->upload_form_field ]['tmp_name'] );


	if ( ! is_array( $img_attributes ) or ! count( $img_attributes ) )

	{

		$this->error_no = 5;

		return;

	}

	else if ( ! $img_attributes[2] )

	{

		$this->error_no = 5;

		return;

	}

}



The problem is, that the getimagesize tries to access the temporary file directly (the tmp dir is normally outside the basedir) and so therefor the openbasedir restriction blocks the access to that file.

My suggestion: move the uploaded file to a temporary position (inside the root path) before doing the checks.

If you need any additional information, please let me know!

Mfg,
Vir@s

Posted

Here is a possible workaround. What I did is just moving the whole image check after the move_uploaded_file command. If it isn't a valid image it gets deleted.

		$this->saved_upload_name = $this->out_file_dir.'/'.$this->parsed_file_name;


		if ( ! @move_uploaded_file( $_FILES[ $this->upload_form_field ]['tmp_name'], $this->saved_upload_name) )

		{

			$this->error_no = 4;

			return;

		}

		else

		{

			@chmod( $this->saved_upload_name, 0777 );


			//-------------------------------------------------

			// Is it an image?

			//-------------------------------------------------


			if ( is_array( $this->image_ext ) and count( $this->image_ext ) )

			{

				if ( in_array( $this->file_extension, $this->image_ext ) )

				{

					$this->is_image = 1;


					//-------------------------------------------------

					// Are we making sure its an image?

					//-------------------------------------------------


					if ( $this->image_check )

					{

						$img_attributes = @getimagesize( $this->saved_upload_name );


						if ( ! is_array( $img_attributes ) or ! count( $img_attributes ) )

						{

							$this->error_no = 5;

							unlink( $this->saved_upload_name );

							return;

						}

						else if ( ! $img_attributes[2] )

						{

							$this->error_no = 5;

							unlink( $this->saved_upload_name );

							return;

						}

					}

				}

			}

		}

	}

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...