# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1611669157 -3600
# Node ID e53894d260927260bf40151b6d5fa28a7b616e81
# Parent  aade4a6179a3a1d26c092ce4aae377fd38dc55d5
mod_http_file_share: Validate that filename does not contain '/'

diff -r aade4a6179a3 -r e53894d26092 plugins/mod_http_file_share.lua
--- a/plugins/mod_http_file_share.lua	Tue Jan 26 14:51:55 2021 +0100
+++ b/plugins/mod_http_file_share.lua	Tue Jan 26 14:52:37 2021 +0100
@@ -36,6 +36,7 @@
 
 local upload_errors = errors.init(module.name, namespace, {
 	access = { "auth"; "forbidden" };
+	filename = { "modify"; "bad-request", "Invalid filename" };
 });
 
 function may_upload(uploader, filename, filesize, filetype) -- > boolean, error
@@ -44,6 +45,11 @@
 		return false, upload_errors.new("access");
 	end
 
+	if not filename or filename:find"/" then
+		-- On Linux, only '/' and '\0' are invalid in filenames and NUL can't be in XML
+		return false, upload_errors.new("filename");
+	end
+
 	return true;
 end
 
diff -r aade4a6179a3 -r e53894d26092 spec/scansion/http_upload.scs
--- a/spec/scansion/http_upload.scs	Tue Jan 26 14:51:55 2021 +0100
+++ b/spec/scansion/http_upload.scs	Tue Jan 26 14:52:37 2021 +0100
@@ -21,6 +21,19 @@
 		</slot>
 	</iq>
 
+Romeo sends:
+	<iq to='upload.localhost' type='get' id='ac56d83f-a627-4732-8399-60492d1210b6' xml:lang='en'>
+		<request content-type='text/plain' filename='invalid/filename.dat' xmlns='urn:xmpp:http:upload:0' size='1000'/>
+	</iq>
+
+Romeo receives:
+	<iq id='ac56d83f-a627-4732-8399-60492d1210b6' from='upload.localhost' type='error'>
+		<error type='modify'>
+			<bad-request xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
+			<text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>Invalid filename</text>
+		</error>
+	</iq>
+
 Romeo disconnects
 
 # recording ended on 2021-01-27T22:10:46Z