PEAK XOOPS - News in englishin japanese

Archive | RSS |
  
Poster : GIJOE on 2006-05-18 18:14:07 (10170 reads)

in englishin japanese
There are too many applications like XOOPS using redirection when error occurred.

They should be relaced into die() without conditions after normal post transactions.

If you write die() intead of redirection in error handling:
- Users can read the error message thoroughly.
- Users can return the previous page immediately.
- You don't have to write codes for redirect.



Poster : GIJOE on 2006-04-06 10:39:12 (15008 reads)

in englishin japanese
Though I've released "zip file upload" modules, the library PEAR::Archive_Zip which is used by the modules has two security holes.

(1) Directory Traversal with extracting a zip into the file system
(2) It is easy to create a zip exhausting server's memery with extracting.

Against (1), don't extract a zip into the file system directly.


	$reader = new Archive_Zip( (upload_tmp_file) ) ;
	$files = $reader->extract( array( 'extract_as_string' => true ) ) ;

You can get extracted bodies as an array of $files. Then, save them into files manually and carefully.

But, there are no clue to solve the problem of (2), in fact.

Thus, you cannot allow anonymous users to upload zip.
When I implement a feature of zip archive into myAlbum-P, it must be a function in admin side.

Since there are no CSRF threat with HTTP-upload, we should care "direct attacks" only.

0 comments

Poster : GIJOE on 2006-01-27 06:40:22 (49806 reads)

in englishin japanese
This is a some kind of rebuttal against a blog named "Vulnerabilities in PHP books"
Sorry, no english contents.

Read more... | 5225 bytes more |0 comments

Poster : GIJOE on 2006-01-21 05:42:22 (42448 reads)

in englishin japanese
This is a some kind of rebuttal against a blog named "Vulnerabilities in PHP books"
Sorry, no english contents.

Read more... | 8302 bytes more |1 comments

Poster : GIJOE on 2006-01-21 05:25:51 (32997 reads)

in englishin japanese
This is a some kind of rebuttal against a blog named "Vulnerabilities in PHP books"
Sorry, no english contents.

Read more... | 2169 bytes more |0 comments

« 1 2 3 4 (5) 6 »
Login
Username or e-mail:

Password:

Remember Me

Lost Password?

Register now!