models/repo_editor: sanitize user-defined file name to prevent RCE (#5558)

Reported by PentesterLab (https://pentesterlab.com).
author: Unknwon <u@gogs.io> 2018-12-18 01:31:04 -0500
committer: Unknwon <u@gogs.io> 2018-12-18 01:31:04 -0500
commit: 86ada875296eb81ffd902f976eedee9ea0f19859 (patch)
tree: fb7e03f4bd27768cd5509fdc5a735813d49c4842 /models
parent: d74437af578718784c30819f160dc98e6f401a12 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/models/repo_editor.go b/models/repo_editor.go
index 810556ec..a302a8de 100644
--- a/models/repo_editor.go
+++ b/models/repo_editor.go
@@ -328,7 +328,7 @@ func (upload *Upload) LocalPath() string {
 func NewUpload(name string, buf []byte, file multipart.File) (_ *Upload, err error) {
 	upload := &Upload{
 		UUID: gouuid.NewV4().String(),
-		Name: name,
+		Name: tool.SanitizePath(name),
 	}
 
 	localPath := upload.LocalPath()
author	Unknwon <u@gogs.io>	2018-12-18 01:31:04 -0500
committer	Unknwon <u@gogs.io>	2018-12-18 01:31:04 -0500
commit	86ada875296eb81ffd902f976eedee9ea0f19859 (patch)
tree	fb7e03f4bd27768cd5509fdc5a735813d49c4842 /models
parent	d74437af578718784c30819f160dc98e6f401a12 (diff)