[network/dom] Improve sanitization of download filenames.

author: Moonchild <moonchild@palemoon.org> 2020-07-29 01:21:13 +0000
committer: Moonchild <moonchild@palemoon.org> 2020-07-29 14:28:24 +0000
commit: a91722be27ce3bd541ca10155fe80d81202785ad (patch)
tree: b41bffb348ab3d81cd4a622dedbb575f9780c019 /netwerk/protocol
parent: 1ef64f9ea3396f29b996da0293f96030bd4ac2a5 (diff)
download: UXP-a91722be27ce3bd541ca10155fe80d81202785ad.tar
UXP-a91722be27ce3bd541ca10155fe80d81202785ad.tar.gz
UXP-a91722be27ce3bd541ca10155fe80d81202785ad.tar.lz
UXP-a91722be27ce3bd541ca10155fe80d81202785ad.tar.xz
UXP-a91722be27ce3bd541ca10155fe80d81202785ad.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/netwerk/protocol/http/HttpBaseChannel.cpp b/netwerk/protocol/http/HttpBaseChannel.cpp
index a53022f71..bf8e17537 100644
--- a/netwerk/protocol/http/HttpBaseChannel.cpp
+++ b/netwerk/protocol/http/HttpBaseChannel.cpp
@@ -562,6 +562,12 @@ NS_IMETHODIMP
 HttpBaseChannel::SetContentDispositionFilename(const nsAString& aContentDispositionFilename)
 {
   mContentDispositionFilename = new nsString(aContentDispositionFilename);
+
+  // For safety reasons ensure the filename doesn't contain null characters and
+  // replace them with underscores. We may later pass the extension to system
+  // MIME APIs that expect null terminated strings.
+  mContentDispositionFilename->ReplaceChar(char16_t(0), '_');
+
   return NS_OK;
 }
author	Moonchild <moonchild@palemoon.org>	2020-07-29 01:21:13 +0000
committer	Moonchild <moonchild@palemoon.org>	2020-07-29 14:28:24 +0000
commit	a91722be27ce3bd541ca10155fe80d81202785ad (patch)
tree	b41bffb348ab3d81cd4a622dedbb575f9780c019 /netwerk/protocol
parent	1ef64f9ea3396f29b996da0293f96030bd4ac2a5 (diff)
download	UXP-a91722be27ce3bd541ca10155fe80d81202785ad.tar UXP-a91722be27ce3bd541ca10155fe80d81202785ad.tar.gz UXP-a91722be27ce3bd541ca10155fe80d81202785ad.tar.lz UXP-a91722be27ce3bd541ca10155fe80d81202785ad.tar.xz UXP-a91722be27ce3bd541ca10155fe80d81202785ad.zip