[wp-trac] [WordPress Trac] #40175: Upload Validation / MIME Handling
WordPress Trac
noreply at wordpress.org
Sun Jul 15 08:50:25 UTC 2018
#40175: Upload Validation / MIME Handling
-------------------------------------------------+-------------------------
Reporter: blobfolio | Owner: joemcgill
Type: defect (bug) | Status: accepted
Priority: normal | Milestone: 5.0
Component: Media | Version: 4.7.3
Severity: major | Resolution:
Keywords: has-unit-tests has-patch needs-testing early | Focuses: administration
-------------------------------------------------+-------------------------
Comment (by okvee):
I came to this bug from using the `wp_handle_upload()` function.
My code:
{{{#!php
$overrides['action'] = $_POST['action'];
$overrides['mimes']  = [
    'jpg|jpeg|jpe' => 'image/jpeg',
    'gif'          => 'image/gif',
    'png'          => 'image/png',
];
$uploadResult = wp_handle_upload( $_FILES['meter_elec_photo_url'], $overrides );
}}}
I have a fake .jpg image file which is really a .txt text file. I tried to
upload it using this code and it allowed me to upload without checking the
file's real MIME type.
I followed into the `wp_handle_upload()` and `_wp_handle_upload()` functions.
They use the `wp_check_filetype_and_ext()` function to check the file
extension.
Other than this `if` condition:
{{{#!php
0 === strpos( $real_mime, 'application' )
}}}
I think that instead of the current `$allowed = get_allowed_mime_types();`,
it is better to use `$mimes`.
Example:
{{{#!php
if ( empty( $mimes ) ) {
    $allowed = get_allowed_mime_types();
} else {
    $allowed = $mimes;
}
}}}
With this code, this function can inherit the `$mimes` value from
`wp_handle_upload()` perfectly and safely.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/40175#comment:30>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
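The following is an added example, not WordPress code and not okvee's. It models in Python the two behaviours the comment contrasts: a lenient check that validates only the file name against the `$mimes` map and rejects content only when it sniffs as `application/*` (the condition okvee quotes), and a strict check that requires the extension's type and the content-sniffed type to agree. The `$mimes`-style map, the magic-number table, the function names and the sample uploads (a text file renamed to `.jpg`, as in the comment) are all constructed for this example; the real `wp_check_filetype_and_ext()` uses `finfo` and `getimagesize()` and may differ in detail.

```python
import re
from typing import Dict, Optional, Tuple

# Allowed map in the shape of a WordPress $mimes array ("ext1|ext2" => type).
# Constructed for this example; it mirrors the override in the comment above.
ALLOWED_MIMES: Dict[str, str] = {
    "jpg|jpeg|jpe": "image/jpeg",
    "gif": "image/gif",
    "png": "image/png",
}

# Leading-byte signatures for the three image formats in ALLOWED_MIMES.
MAGIC = [
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"GIF87a", "image/gif"),
    (b"GIF89a", "image/gif"),
    (b"\x89PNG\r\n\x1a\n", "image/png"),
]


def sniff_mime(data: bytes) -> str:
    """MIME type implied by the file's content, never by its name."""
    for magic, mime in MAGIC:
        if data.startswith(magic):
            return mime
    # No known signature: plain ASCII is text, anything else is opaque binary.
    try:
        data.decode("ascii")
        return "text/plain"
    except UnicodeDecodeError:
        return "application/octet-stream"


def mime_for_ext(filename: str, mimes: Dict[str, str]) -> Optional[str]:
    """Type the extension claims, looked up in an 'a|b|c' => type map."""
    for exts, mime in mimes.items():
        if re.search(r"\.(" + exts + r")$", filename, re.IGNORECASE):
            return mime
    return None


def lenient_check(filename: str, data: bytes, mimes: Dict[str, str]) -> bool:
    """Model of the behaviour okvee describes: the name must map to an allowed
    type, but the content is rejected only when it sniffs as application/*."""
    if mime_for_ext(filename, mimes) is None:
        return False
    return not sniff_mime(data).startswith("application")


def strict_check(filename: str, data: bytes,
                 mimes: Dict[str, str]) -> Tuple[bool, Optional[str], str]:
    """Accept only when the extension's type and the sniffed type agree.
    Returns (ok, ext_mime, real_mime) so a caller can log the mismatch."""
    ext_mime = mime_for_ext(filename, mimes)
    real_mime = sniff_mime(data)
    return (ext_mime is not None and ext_mime == real_mime), ext_mime, real_mime


# Constructed sample uploads: a real JPEG header, a PNG header, a text file
# renamed to .jpg (the comment's case), and JPEG bytes under a .txt name.
SAMPLES: Dict[str, bytes] = {
    "photo.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01",
    "icon.PNG": b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR",
    "fake.jpg": b"this is really a text file\n",
    "notes.txt": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01",
}


def run_samples(mimes: Dict[str, str] = ALLOWED_MIMES) -> Dict[str, Tuple[bool, bool]]:
    """Run both checks over SAMPLES; returns name => (lenient_ok, strict_ok)."""
    return {
        name: (lenient_check(name, data, mimes), strict_check(name, data, mimes)[0])
        for name, data in SAMPLES.items()
    }


if __name__ == "__main__":
    for name, (lenient, strict) in run_samples().items():
        print(f"{name:10} lenient={lenient!s:5} strict={strict}")
```

Run as a script it shows `fake.jpg` passing the lenient check (text content does not start with `application`) and failing the strict one, while the genuine JPEG and PNG pass both; the JPEG bytes under a `.txt` name fail both because `.txt` is not in the override map at all.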