From 1086a0f9231f1294ac8de9a89979340a95caf9be Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Wed, 14 Sep 2016 10:26:04 +0200
Subject: [PATCH 1/2] Remove null bytes from paths

---
 js/galleryview.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/js/galleryview.js b/js/galleryview.js
index eb147c7d7..c0166c7f0 100644
--- a/js/galleryview.js
+++ b/js/galleryview.js
@@ -43,6 +43,9 @@
 * @param {string|undefined} errorMessage
 */
 init: function (albumPath, errorMessage) {
+ // Remove all null-bytes from the path
+ albumPath = albumPath.replace(/\0/g, '');
+
 // Only do it when the app is initialised
 if (this.requestId === -1) {
 this._initButtons();

From ef4bd34a96a817b934cd978c06ea4ce42f1ef0b4 Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Wed, 14 Sep 2016 13:11:32 +0200
Subject: [PATCH 2/2] Verify path name

---
 js/galleryview.js | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/js/galleryview.js b/js/galleryview.js
index c0166c7f0..73b6e59ac 100644
--- a/js/galleryview.js
+++ b/js/galleryview.js
@@ -36,6 +36,22 @@
 this.showLoading();
 },
 
+ /**
+ * @param {string} path
+ * @returns {boolean}
+ */
+ _isValidPath: function(path) {
+ var sections = path.split('/');
+ for (var i = 0; i < sections.length; i++) {
+ if (sections[i] === '..') {
+ return false;
+ }
+ }
+
+ return path.toLowerCase().indexOf(decodeURI('%0a')) === -1 &&
+ path.toLowerCase().indexOf(decodeURI('%00')) === -1;
+ },
+
 /**
 * Populates the view if there are images or albums to show
 *
@@ -43,8 +59,10 @@
 * @param {string|undefined} errorMessage
 */
 init: function (albumPath, errorMessage) {
- // Remove all null-bytes from the path
- albumPath = albumPath.replace(/\0/g, '');
+ // Set path to an empty value if not a valid one
+ if(!this._isValidPath(albumPath)) {
+ albumPath = '';
+ }
 
 // Only do it when the app is initialised
 if (this.requestId === -1) {
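Review bot: `_isValidPath` runs in the browser, so it can only tidy up what the gallery sends; the server-side check on the album path has to remain the authoritative one, and the JSDoc should say so rather than leaving readers to assume this is where `..` segments, NUL and line-feed characters are actually rejected. The `decodeURI('%0a')` / `decodeURI('%00')` calls together with the two `toLowerCase()` calls are an indirect way of writing `'\n'` and `'\0'` (neither character has a case), and the literal form reads more clearly: `return path.indexOf('\n') === -1 && path.indexOf('\0') === -1;`. A carriage return is not covered while a line feed is; if the line-feed check is there to keep the path out of a header or log line, `'\r'` presumably deserves the same treatment, though I cannot see the consumer from this hunk. A one-line `@returns` description would also help: `@returns {boolean} false for any '..' segment or an embedded NUL or line feed; the server still validates the path`.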
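Review bot: When `_isValidPath` rejects the path, `albumPath = '';` silently falls back to the root album with nothing logged or shown, so a user who followed a malformed link lands on the gallery root with no hint why and nothing is left behind for debugging; `errorMessage` is already a parameter of `init`, so it may be the natural place to carry a short notice, but how it is consumed is below the hunk and I cannot confirm that from here, so at minimum a `console.warn('Ignoring invalid album path')` before the reset would leave a trace. The rest of `init` continues outside the hunk. Minor style point: `if(!this._isValidPath(albumPath)) {` drops the space after `if` that the surrounding code uses (`if (this.requestId === -1) {`), so `if (!this._isValidPath(albumPath)) {`.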