Fixed path traversal via the filename parameter in the swaggerui static route. #2559

This commit is contained in:
morpheus65535 2024-07-01 08:02:08 -04:00
parent ad88ec3767
commit 7b7e984bff


@ -153,8 +153,8 @@ def backup_download(filename):
def swaggerui_static(filename): def swaggerui_static(filename):
basepath = os.path.join(os.path.dirname(os.path.dirname(os.path.dirname(__file__))), 'libs', 'flask_restx', basepath = os.path.join(os.path.dirname(os.path.dirname(os.path.dirname(__file__))), 'libs', 'flask_restx',
'static') 'static')
fullpath = os.path.join(basepath, filename) fullpath = os.path.realpath(os.path.join(basepath, filename))
if not fullpath.startswith(basepath): if not basepath == os.path.commonpath((basepath, fullpath)):
return '', 404 return '', 404
else: else:
return send_file(fullpath) return send_file(fullpath)
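Review bot: The new containment check resolves fullpath with realpath but leaves basepath unresolved, so if the libs directory (or any parent) is reached through a symlink, commonpath yields a shorter prefix than basepath and every swagger asset answers 404; resolve both sides the same way with `basepath = os.path.realpath(os.path.join(..., 'static'))`. On Windows, os.path.commonpath raises ValueError when the two paths sit on different drives, which an absolute filename on another drive produces after the join, so the comparison should catch ValueError and fall back to 404 rather than surfacing a 500. As a matter of style, `if not basepath == ...` reads more naturally as `!=`, and naming the result of the check makes the intent visible. The route decorator for swaggerui_static presumably sits just above the hunk.
```python
def swaggerui_static(filename):
    # Resolve both ends so symlinks in the install path cannot break the prefix test.
    basepath = os.path.realpath(os.path.join(os.path.dirname(os.path.dirname(os.path.dirname(__file__))), 'libs', 'flask_restx',
                                             'static'))
    fullpath = os.path.realpath(os.path.join(basepath, filename))
    try:
        inside = os.path.commonpath((basepath, fullpath)) == basepath
    except ValueError:
        # Different drives on Windows: definitely not under basepath.
        inside = False
    if not inside:
        return '', 404
    # … unchanged: send_file(fullpath) …
```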