better check for images in fetch.php

This patch is an enhancement to yesterday's changes. The ability to download external content could be used for XSS attacks, when faking the sent MIME type. This patch adds a check on the received data for valid images. darcs-hash:20061018124942-7ad00-4e8bca7d3877e6a10c348b5d45499cf8adf8b087.gz

better check for images in fetch.php
d1ed0b61 · Andreas Gohr · 894a80cc · d1ed0b61
Commit d1ed0b61 authored 18 years ago by Andreas Gohr
--- a/lib/exe/fetch.php
+++ b/lib/exe/fetch.php
@@ -31,9 +31,9 @@
  }

  //media to local file
-  if(preg_match('#^(https?|ftp)://#i',$MEDIA)){
-    //handle external media
-    $FILE = get_from_URL($MEDIA,$EXT,$CACHE);
+  if(preg_match('#^(https?)://#i',$MEDIA)){
+    //handle external images 
+    if(strncmp($MIME,'image/',6) == 0) $FILE = get_from_URL($MEDIA,$EXT,$CACHE);
    if(!$FILE){
      //download failed - redirect to original URL
      header('Location: '.$MEDIA);
@@ -272,6 +272,14 @@ function image_download($url,$file){
  fwrite($fp,$data);
  fclose($fp);
  if(!$fileexists and $conf['fperm']) chmod($file, $conf['fperm']);
+
+  // check if it is really an image
+  $info = @getimagesize($file);
+  if(!$info){
+    @unlink($file);
+    return false;
+  }
+
  return true;
 }