This is an automated email from the ASF dual-hosted git repository. jleroux pushed a commit to branch release17.12 in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/release17.12 by this push:
new e3691d1 Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307) (#352)
e3691d1 is described below
commit e3691d1b2110b590b80dd4ea3c1fa09076a3032f
Author: rohitkou <93367235+rohit...@users.noreply.github.com>
AuthorDate: Tue Nov 23 15:05:41 2021 +0530
Fixed: CVE-2021-37608 vulnerability bypass (OFBIZ-12307) (#352)
Fixed the Additional image uploading issue which got somehow missed in service addAdditionalViewForProduct.
Co-authored-by: Rohit Koushal <rohit.kousha...@gmail.com>
---
 .../main/java/org/apache/ofbiz/product/product/ProductServices.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/applications/product/src/main/java/org/apache/ofbiz/product/product/ProductServices.java b/applications/product/src/main/java/org/apache/ofbiz/product/product/ProductServices.java
index 3fe1a66..617525e 100644
--- a/applications/product/src/main/java/org/apache/ofbiz/product/product/ProductServices.java
+++ b/applications/product/src/main/java/org/apache/ofbiz/product/product/ProductServices.java
@@ -1049,10 +1049,13 @@ public class ProductServices {
 String fileToCheck = imageServerPath + "/" + fileLocation + "." + extension.getString("fileExtensionId");
 File file = new File(fileToCheck);
 try {
- if (!org.apache.ofbiz.security.SecuredUpload.isValidFile(fileToCheck, "Image", delegator)) {
+ Path tempFile = Files.createTempFile(null, null);
+ Files.write(tempFile, imageData.array(), StandardOpenOption.APPEND);
+ if (!org.apache.ofbiz.security.SecuredUpload.isValidFile(tempFile.toString(), "Image", delegator)) {
 String errorMessage = UtilProperties.getMessage("SecurityUiLabels", "SupportedImageFormats", locale);
 return ServiceUtil.returnError(errorMessage);
 }
+ Files.delete(tempFile);
 RandomAccessFile out = new RandomAccessFile(fileToCheck, "rw");
 out.write(imageData.array());
 out.close();
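Review bot: `Files.delete(tempFile)` runs only on the success path, so the temp file holding the rejected upload is left behind in the system temp directory whenever `SecuredUpload.isValidFile` returns false (the `return ServiceUtil.returnError(...)` branch) or throws; the delete should move to a `finally` around the validation. `StandardOpenOption.APPEND` on a file that `createTempFile` has just created empty is misleading and can be dropped in favour of the default write options. If `isValidFile` also checks the file name, that check now sees a random temp name rather than `fileToCheck`; verify that the target name/extension is still validated somewhere before `RandomAccessFile` writes to it (I cannot see `isValidFile` from this hunk). The enclosing `try` and the surrounding method continue outside the hunk.
```java
Path tempFile = Files.createTempFile(null, null);
try {
    Files.write(tempFile, imageData.array());
    if (!org.apache.ofbiz.security.SecuredUpload.isValidFile(tempFile.toString(), "Image", delegator)) {
        String errorMessage = UtilProperties.getMessage("SecurityUiLabels", "SupportedImageFormats", locale);
        return ServiceUtil.returnError(errorMessage);
    }
} finally {
    Files.deleteIfExists(tempFile);
}
// … unchanged: RandomAccessFile write of imageData to fileToCheck …
```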