michael/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2026-02-03 14:13:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix to read full size of dangerous type

Browse Source
This commit is contained in:
iliajie
2023-05-17 11:13:22 +03:00
parent c92395176f
commit d5a3eebe85
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
updown/fetch.cgi
View File

@@ -84,8 +84,11 @@ if ($ENV{'PATH_INFO'}) {
print "Content-length: $st[7]\n";
print "X-Content-Type-Options: nosniff\n";
print "Content-type: $type\n\n";
while(read(FILE, $buffer, &get_buffer_size_binary())) {
if ($type =~ /text\/html|xml/i) {
my $dtype = $type =~ /text\/html|xml/i;
my $bsize =
$dtype ? $st[7] : &get_buffer_size_binary();
while(read(FILE, $buffer, $bsize)) {
if ($dtype) {
print &filter_javascript($buffer);
}
else {