[Desktop] webtorrent .torrent file detection security issue #11488

Closed
diracdeltas opened this issue Aug 27, 2020 · 4 comments · Fixed by brave/brave-core#6531

Comments

@diracdeltas
Member

https://hackerone.com/reports/963155

@GeetaSarvadnya

GeetaSarvadnya commented Sep 15, 2020

Verification passed on


Brave | 1.15.50 Chromium: 85.0.4183.102 (Official Build) dev (64-bit)
-- | --
Revision | ffe848af6a5df4fa127e2929331116b7f9f1cb30-refs/branch-heads/4183@{#1770}
OS | Windows 10 OS Version 1903 (Build 18362.1016)


Verification passed on

Brave | 1.15.55 Chromium: 85.0.4183.102 (Official Build) dev (64-bit)
-- | --
Revision | ffe848af6a5df4fa127e2929331116b7f9f1cb30-refs/branch-heads/4183@{#1770}
OS | Ubuntu 18.04 LTS

Verification PASSED on macOS 10.15.6 x64 using the following build:

Brave | 1.15.56 Chromium: 85.0.4183.102 (Official Build) dev (64-bit)
-- | --
Revision | ffe848af6a5df4fa127e2929331116b7f9f1cb30-refs/branch-heads/4183@{#1770}
OS | macOS Version 10.15.6 (Build 19G73)


Reproduced what @GeetaSarvadnya mentioned via #11488 (comment). Also reproduced/ran into #11302.

@GeetaSarvadnya

@feross selecting the https://php-demo-app-shibli.cfapps.io/test-driver.php link in the URL bar and pressing Enter displays the save .bat file window. Is this expected?


@kjozwiak
Member

kjozwiak commented Sep 22, 2020

@diracdeltas as per @GeetaSarvadnya's comment above, you can still download the POC if you paste the following URL into the omnibox rather than clicking on Save .torrent file.

* https://php-demo-app-shibli.cfapps.io/test.php

Assuming that's expected as we're not doing the check for .torrent files via the omnibox. Please let us know if we need to file a follow up to address the above.

@diracdeltas
Member Author

@kjozwiak that's fine. thank you!
