matt (Matt Holt), October 21, 2016, 1:14pm, #2
Never seen this before! Do you have read permissions in that directory or to that file?
bugmenot (bugmenot), October 21, 2016, 7:55pm, #3
Hey Matt,
The problem is path handling, ‘./dir’ breaks, ‘dir’ works.
upload /upload {
    to "./uploaded/"
}
Details:
(I'm aware it is not part of the main repo.)
This throws the ‘exploding’ text:
        }
        fileName := part.FileName()
        if fileName == "" {
            continue
        }
        _, retval, err := h.WriteOneHTTPBlob(scope, config, fileName, part.Header.Get("Content-Length"), part)
        if err != nil {
            // Don't use the fileName here: it is controlled by the user.
            return retval, errors.Wrap(err, "MIME Multipart exploding failed on part "+strconv.Itoa(partNum))
        }
    }
    return http.StatusOK, nil
}

// Translates the 'scope' into a proper directory, and extracts the filename from the resulting string.
func (h *Handler) translateForFilesystem(scope, providedName string, config *ScopeConfiguration) (fsPath, fsFilename string, err error) {
    // 'uc' is freely controlled by the uploader
    uc := strings.TrimPrefix(providedName, scope) // "/upload/mine/my.blob" → "/mine/my.blob"
Going down to (Throwing 422):
    anticipatedSize string, r io.Reader) (uint64, int, error) {
    expectBytes, _ := strconv.ParseUint(anticipatedSize, 10, 64)
    if anticipatedSize != "" && expectBytes <= 0 {
        return 0, http.StatusLengthRequired, errLengthInvalid
        // Usually 411 is used for the outermost element.
        // We don't require any length; but it must be valid if given.
    }
    path, fname, err := h.translateForFilesystem(scope, fileName, config)
    if err != nil {
        return 0, 422, err // 422: unprocessable entity
    }
    if config.RandomizedSuffixLength > 0 {
        extension := filepath.Ext(fname)
        basename := strings.TrimSuffix(fname, extension)
        if basename == "" {
            fname = printableSuffix(config.RandomizedSuffixLength) + extension
        } else {
            fname = basename + "_" + printableSuffix(config.RandomizedSuffixLength) + extension
        }
Which fails in:
        if err != nil {
            // Don't use the fileName here: it is controlled by the user.
            return retval, errors.Wrap(err, "MIME Multipart exploding failed on part "+strconv.Itoa(partNum))
        }
    }
    return http.StatusOK, nil
}

// Translates the 'scope' into a proper directory, and extracts the filename from the resulting string.
func (h *Handler) translateForFilesystem(scope, providedName string, config *ScopeConfiguration) (fsPath, fsFilename string, err error) {
    // 'uc' is freely controlled by the uploader
    uc := strings.TrimPrefix(providedName, scope)                      // "/upload/mine/my.blob" → "/mine/my.blob"
    s := filepath.Join(config.WriteToPath, strings.TrimLeft(uc, "./")) // → "/var/mine/my.blob"
    // stop any childish path trickery here
    translated := filepath.Clean(s) // "/var/mine/../mine/my.blob" → "/var/mine/my.blob"
    if !strings.HasPrefix(translated, config.WriteToPath) {
        err = os.ErrPermission
        return
    }
P.S.:
You are awesome at community activity and it surely is why it thrives.
Might become one to the cause if things go… somehow.
Cheers!
matt (Matt Holt), October 21, 2016, 11:10pm, #4
You should file an issue on that plugin's repository; it could be overlooked here. (Sorry, I wish I had the means to help you more on it right now!)
wmark (Mark), January 9, 2017, 11:15pm, #5
We’ve covered this in a different ticket, I think. But leaving this here in case someone else runs into this:
The target directory for uploads should be an absolute one. That is, something like /var/www/dir is highly recommended, because a plugin outside the scope of caddy or upload could change the working directory itself, resulting in grief when relative directories have been used, which now, since caddy switched away from eager checks of paths, point somewhere else.
»Implode/explode elements e to/from a serialization form c« is programmer's slang from the nineties. (»Explode strings from array…«) Slightly related, other Easter eggs you might spot on the internet are descriptions of return codes: 200 Here you go (instead of OK), or 403 Verboten.
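The two posts above describe the same mechanism from opposite ends: the quoted `translateForFilesystem` builds the destination with `filepath.Join` and `filepath.Clean`, then tests it with `strings.HasPrefix` against the configured directory exactly as written in the Caddyfile. `Join` and `Clean` normalise `./uploaded/` to `uploaded`, so the prefix test fails and every upload is refused with `os.ErrPermission`, which the caller turns into the 422; a bare `uploaded` or an absolute `/var/www/dir` survives normalisation unchanged and works. The program below is an added example, not the upload plugin's code: `translateNaive` models the quoted check (the real function returns a directory/filename pair and does more), `translateHardened` shows the two changes a reviewer would ask for (clean the configured base once, and decide containment with `filepath.Rel` rather than a string prefix, since a bare prefix also matches a sibling directory that merely shares the name). Function names, the constructed file names and the `/var/www/dir2` sibling are this example's own.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// translateNaive reproduces the containment check quoted in the thread
// (Join, TrimLeft, Clean, HasPrefix) with the configured directory used
// exactly as it appears in the Caddyfile. Names and structure are this
// example's own; the plugin's function returns a directory/filename pair.
func translateNaive(writeToPath, uc string) (string, error) {
	s := filepath.Join(writeToPath, strings.TrimLeft(uc, "./"))
	translated := filepath.Clean(s) // "./uploaded//x" becomes "uploaded/x"
	if !strings.HasPrefix(translated, writeToPath) {
		return "", os.ErrPermission // a relative "./dir" base always ends here
	}
	return translated, nil
}

// translateHardened cleans the configured directory once, so "./uploaded/"
// and "uploaded" are treated identically, and decides containment with
// filepath.Rel instead of a bare string prefix: HasPrefix would accept
// "/var/www/dir2/x" for base "/var/www/dir" because the strings match.
func translateHardened(writeToPath, uc string) (string, error) {
	base := filepath.Clean(writeToPath)
	candidate := filepath.Join(base, uc) // Join cleans, collapsing any ".."
	rel, err := filepath.Rel(base, candidate)
	if err != nil || rel == "." || rel == ".." ||
		strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", os.ErrPermission // outside the base, or no file name left
	}
	return candidate, nil
}

func main() {
	// Constructed cases: the reporter's failing configuration, the two
	// alternatives discussed in the thread, and one traversal attempt.
	cases := []struct{ base, name string }{
		{"./uploaded/", "/mine/my.blob"},  // breaks with the quoted check
		{"uploaded", "/mine/my.blob"},     // works with the quoted check
		{"/var/www/dir", "/mine/my.blob"}, // absolute form recommended above
		{"/var/www/dir", "/mine/../../dir2/x"},
	}
	for _, c := range cases {
		n, nerr := translateNaive(c.base, c.name)
		h, herr := translateHardened(c.base, c.name)
		fmt.Printf("base=%-14q name=%-22q naive=%q (%v) hardened=%q (%v)\n",
			c.base, c.name, n, nerr, h, herr)
	}
}
```

Run on Linux or macOS, the first case shows the naive check rejecting its own configured directory while the hardened one writes to `uploaded/mine/my.blob`; the last case shows the naive prefix test letting `/var/www/dir2/x` through and the `Rel`-based test refusing it. Cleaning the base at configuration time, or simply configuring an absolute path as wmark recommends, removes the 422, but only the `Rel` comparison (or an equivalent check that includes the trailing separator) closes the sibling-directory gap.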
system (system), Closed, April 9, 2017, 11:15pm, #6
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.