Merge pull request from GHSA-p528-555r-pf87

Fix Relative Path Traversal Attack on note creation
David Mehren 2021-04-25 21:28:18 +02:00 committed by GitHub
commit 59f669e593
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -94,7 +94,7 @@ module.exports = function (sequelize, DataTypes) {
let body = null
let filePath = null
if (note.alias) {
filePath = path.join(config.docsPath, note.alias + '.md')
filePath = path.join(config.docsPath, path.basename(note.alias) + '.md')
}
if (!filePath || !Note.checkFileExist(filePath)) {
filePath = config.defaultNotePath
@ -196,7 +196,7 @@ module.exports = function (sequelize, DataTypes) {
}
}).then(function (note) {
if (note) {
const filePath = path.join(config.docsPath, noteId + '.md')
const filePath = path.join(config.docsPath, path.basename(noteId) + '.md')
if (Note.checkFileExist(filePath)) {
// if doc in filesystem have newer modified time than last change time
// then will update the doc in db
@ -238,7 +238,7 @@ module.exports = function (sequelize, DataTypes) {
return callback(null, note.id)
}
} else {
const filePath = path.join(config.docsPath, noteId + '.md')
const filePath = path.join(config.docsPath, path.basename(noteId) + '.md')
if (Note.checkFileExist(filePath)) {
Note.create({
alias: noteId,
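Review bot: In the last hunk the file is looked up under `path.basename(noteId)`, but `Note.create` still persists `alias: noteId`, so an id containing path separators would be stored as an alias that does not match the file it was loaded from. Computing the value once, `const safeId = path.basename(noteId)`, and using it for both the lookup and `alias: safeId` would keep the two in step. Rejecting the request when `safeId !== noteId` would be stricter than silently mapping it onto a different document. How the callback should signal that rejection is not visible here, because the enclosing function starts and ends outside the hunk. The same `path.basename(...) + '.md'` expression is repeated in all three hunks, so a small shared helper with a comment explaining why the basename is taken would make it harder for a later call site to miss the check.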