From: Flole998
Date: Fri, 2 Feb 2024 22:44:48 +0000 (+0000)
Subject: Sanitize filename in content-disposition header
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=154b202288701013be926d5c13b205504483db93;p=thirdparty%2Ftvheadend.git
Sanitize filename in content-disposition header
---
diff --git a/src/webui/webui.c b/src/webui/webui.c
index 68a15f621..359a8ba61 100644
--- a/src/webui/webui.c
+++ b/src/webui/webui.c
@@ -2204,6 +2204,19 @@ page_srvid2(http_connection_t *hc, const char *remain, void *opaque)
 return 0;
 }
 
+/**
+ * Sanitice a filename to remove illegal characters from it
+ */
+static char *sanitize_filename(char *filename) {
+ if (!filename) return NULL;
+ char *s;
+ for (s = filename; *s; s++) {
+ if ((*s < 32) || (*s > 122) || strchr("/:\\<>|*?\"", *s) != NULL)
+ *s = '_';
+ }
+ return filename;
+}
+
 /**
 * Send a file
 */
@@ -2244,6 +2257,7 @@ http_serve_file(http_connection_t *hc, const char *fname,
 basename, intlconv_charset_id("ASCII", 1, 1));
 return HTTP_STATUS_INTERNAL;
 }
+ sanitize_filename(str0);
 htsbuf_queue_init(&q, 0);
 htsbuf_append_and_escape_rfc8187(&q, basename);
 str = htsbuf_to_string(&q);
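Review bot: The doc comment on `sanitize_filename` does not say that the buffer is rewritten in place or which bytes count as illegal, and it misspells "Sanitize". The bounds `32` and `122` are bare numbers: `122` is `'z'`, so `{`, `}`, `~`, DEL and every non-ASCII byte are replaced as well, and where plain `char` is signed the high bytes are caught by `*s < 32` rather than by `*s > 122`. Reading the byte as `unsigned char c = (unsigned char)*s;` and testing `c < 0x20 || c > 'z'` would make the intent independent of `char` signedness. The comment could read `Replace, in place, control bytes, bytes above 'z' and any of / : \ < > | * ? " with '_'; returns filename.`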
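Review bot: Only `str0` is sanitized at this call; the value produced on the following lines by `htsbuf_append_and_escape_rfc8187(&q, basename)` is still built from the raw `basename`. If that helper percent-encodes everything outside the RFC 8187 attr-char set, header injection is covered, but characters such as `\` or `:` would still reach the client in encoded form, and clients that understand `filename*` prefer it over the plain `filename`. It is worth confirming what the helper escapes and, if both forms should carry the same restrictions, sanitizing a copy of `basename` too, using a variant that keeps bytes >= 0x80 because `sanitize_filename` would flatten UTF-8 to `_`. `http_serve_file` starts and ends outside the hunk, so the later use of `str0` and `str` is not visible here.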