PEAK XOOPS - News

Poster : GIJOE on 2006-05-18 18:14:07 (10246 reads)

Too many applications, XOOPS included, redirect when an error occurs.

These redirects should be replaced with die(); a redirect belongs only after a normal POST transaction, without conditions.

If you write die() instead of a redirect in the error handling:
- Users can read the error message thoroughly.
- Users can return to the previous page immediately.
- You don't have to write code for the redirect.



Poster : GIJOE on 2006-04-06 10:39:12 (15070 reads)

Though I've released "zip file upload" modules, the library PEAR::Archive_Zip which is used by the modules has two security holes.

(1) Directory traversal when extracting a zip into the file system
(2) It is easy to create a zip that exhausts the server's memory when it is extracted.

Against (1), don't extract the zip into the file system directly.


	require_once 'Archive/Zip.php' ;
	// (upload_tmp_file) is the path of the uploaded temporary file
	$reader = new Archive_Zip( (upload_tmp_file) ) ;
	// extract_as_string returns the entries in memory instead of writing them to disk
	$files = $reader->extract( array( 'extract_as_string' => true ) ) ;

You get the extracted bodies as the array $files. Then save them into files manually and carefully.

But in fact there is no clue how to solve problem (2).

Thus you cannot allow anonymous users to upload zips.
When I implement a zip archive feature in myAlbum-P, it must be a function on the admin side.

Since there is no CSRF threat with an HTTP upload, we only have to care about "direct attacks".
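As an added example (not code from GIJOE's modules), this is one way to save the entries returned by extract_as_string without letting archive-supplied paths escape the target directory, which is the "manually and carefully" part above. The entry keys 'filename', 'folder' and 'content', the image-only extension list and the helper name are assumptions.

```php
<?php
// Added example, not part of the original post.
// Saves in-memory zip entries into $destDir; every filename is reduced to its
// last path component so "../" sequences and absolute paths in the archive
// cannot reach outside $destDir.
require_once 'Archive/Zip.php';

function save_zip_entries_safely($uploadedTmpFile, $destDir)
{
    // Extension whitelist for an image album (assumption; adjust per module)
    $allowedExt = array('jpg', 'jpeg', 'gif', 'png');

    $reader = new Archive_Zip($uploadedTmpFile);
    $files  = $reader->extract(array('extract_as_string' => true));
    if (!is_array($files)) {
        return array();            // Archive_Zip reports failure with a non-array
    }

    $realDest = realpath($destDir);
    if ($realDest === false) {
        return array();            // destination must already exist
    }

    $saved = array();
    foreach ($files as $entry) {
        // Directory entries carry no content (assumed key name 'folder')
        if (!empty($entry['folder'])) {
            continue;
        }
        // Normalise backslashes, then keep only the last path component
        $name = basename(str_replace('\\', '/', $entry['filename']));

        // Accept a conservative character set; this also rejects "", "." and ".."
        // and dot-files such as .htaccess
        if (!preg_match('/^[A-Za-z0-9_-][A-Za-z0-9._-]*$/', $name)) {
            continue;
        }
        $dot = strrchr($name, '.');
        $ext = ($dot === false) ? '' : strtolower(substr($dot, 1));
        if (!in_array($ext, $allowedExt)) {
            continue;              // no scripts or unexpected types in the upload dir
        }

        $target = $realDest . DIRECTORY_SEPARATOR . $name;
        if (file_put_contents($target, $entry['content']) !== false) {
            $saved[] = $name;
        }
    }
    return $saved;                 // names actually written into $destDir
}
```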


Poster : GIJOE on 2006-01-27 06:40:22 (50894 reads)

This is a kind of rebuttal against a blog named "Vulnerabilities in PHP books".
Sorry, no English contents.

Poster : GIJOE on 2006-01-21 05:42:22 (43584 reads)

This is a kind of rebuttal against a blog named "Vulnerabilities in PHP books".
Sorry, no English contents.

Poster : GIJOE on 2006-01-21 05:25:51 (34210 reads)

This is a kind of rebuttal against a blog named "Vulnerabilities in PHP books".
Sorry, no English contents.