From e7566924dc54c05d989c5239b418ab27ea02825e Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?=
Date: Sat, 8 Aug 2015 01:16:38 +0200
Subject: [PATCH] Guard against possible DoS attack in image proxy
---
 .../lib/action/ImageProxyAction.class.php | 35 ++++++++++---------
 1 file changed, 19 insertions(+), 16 deletions(-)
diff --git a/wcfsetup/install/files/lib/action/ImageProxyAction.class.php b/wcfsetup/install/files/lib/action/ImageProxyAction.class.php
index f8a2d089ef..7c31ac2355 100644
--- a/wcfsetup/install/files/lib/action/ImageProxyAction.class.php
+++ b/wcfsetup/install/files/lib/action/ImageProxyAction.class.php
@@ -46,29 +46,32 @@ class ImageProxyAction extends AbstractAction {
 $fileName = sha1($this->key);
- $request = new HTTPRequest($url);
- $request->execute();
- $image = $request->getReply()['body'];
-
- // check if image is linked
- // TODO: handle SVGs
- $imageData = getimagesizefromstring($image);
- if (!$imageData) {
- throw new IllegalLinkException();
- }
-
- // save image
+ // prepare path
 $fileExtension = pathinfo($url, PATHINFO_EXTENSION);
 $fileLocation = WCF_DIR.'images/proxy/'.substr($fileName, 0, 2).'/'.$fileName.($fileExtension ? '.'.$fileExtension : '');
 $dir = dirname($fileLocation);
 if (!@file_exists($dir)) {
 FileUtil::makePath($dir, 0777);
 }
- file_put_contents($fileLocation, $image);
-
- // update mtime for correct expiration calculation
- @touch($fileLocation);
+ // download image
+ if (!file_exists($fileLocation)) {
+ $request = new HTTPRequest($url);
+ $request->execute();
+ $image = $request->getReply()['body'];
+
+ // check if image is linked
+ // TODO: handle SVGs
+ $imageData = getimagesizefromstring($image);
+ if (!$imageData) {
+ throw new IllegalLinkException();
+ }
+
+ file_put_contents($fileLocation, $image);
+
+ // update mtime for correct expiration calculation
+ @touch($fileLocation);
+ }
 $this->executed();
 @header('Content-Type: '.$imageData['mime']);
--
2.20.1
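Review bot: On the cache-hit path `$imageData` is never assigned, because it is now set only inside `if (!file_exists($fileLocation))`, yet the last line of the hunk still reads `$imageData['mime']`, so a cached image would be sent with an empty Content-Type and the `@` hides the notice. Populate it on that path too, e.g. `else { $imageData = getimagesize($fileLocation); }` followed by the same `if (!$imageData) throw new IllegalLinkException();` check, so the response never relies on client-side type sniffing. Separately, the stored extension still comes from `pathinfo($url, PATHINFO_EXTENSION)`, i.e. from the requested URL, while `getimagesizefromstring()` only inspects the leading bytes; deriving the extension from the detected type (for instance `image_type_to_extension($imageData[2])`) or checking it against an allowlist would keep unexpected file types out of `images/proxy/`. The method starts and ends outside the hunk, so an earlier return for already-cached files cannot be ruled out from here.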