authorDavid Rothstein2013-03-01 04:41:58 (GMT)
committer David Rothstein2013-03-01 04:41:58 (GMT)
commit40d178b0097040017f2fe17607b0b2c1ad17c181 (patch)
tree109443a7c57f11b0232bc5c0492e4576a46a7a2d
parentbfaa7b4fd0c0b16e38ba3475d0be24b1d5f9a5d1 (diff)
Issue #1923554 by David_Rothstein, pwolanin, mitron | alfaguru: Fixed New anti-DoS measure breaks for some file URIs.
-rw-r--r--CHANGELOG.txt2
-rw-r--r--modules/image/image.module2
-rw-r--r--modules/image/image.test18
3 files changed, 20 insertions, 2 deletions
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 5822267..c43878f 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,6 +1,8 @@
Drupal 7.21, xxxx-xx-xx (development version)
-----------------------
+- Fixed a bug which caused the denial-of-service protection added in Drupal
+ 7.20 to break certain valid image URLs that had an extra slash in them.
- Fixed a bug with update queries in the SQLite database driver that prevented
Drupal from being installed with SQLite on PHP 5.4.
- Fixed enforced dependencies errors updating to recent versions of Drupal 7 on
diff --git a/modules/image/image.module b/modules/image/image.module
index 258f12f..78f5eff 100644
--- a/modules/image/image.module
+++ b/modules/image/image.module
@@ -993,7 +993,7 @@ function image_style_url($style_name, $path) {
// The token query is added even if the 'image_allow_insecure_derivatives'
// variable is TRUE, so that the emitted links remain valid if it is changed
// back to the default FALSE.
- $token_query = array(IMAGE_DERIVATIVE_TOKEN => image_style_path_token($style_name, $path));
+ $token_query = array(IMAGE_DERIVATIVE_TOKEN => image_style_path_token($style_name, file_stream_wrapper_uri_normalize($path)));
// If not using clean URLs, the image derivative callback is only available
// with the query string. If the file does not exist, use url() to ensure
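Review bot: The token is now computed over `file_stream_wrapper_uri_normalize($path)` while the rest of `image_style_url()` (which continues outside this hunk) still works with the unnormalized `$path`, and nothing in the hunk records why only the token input is normalized. The reason appears to be that the emitted token must equal the one the derivative delivery callback recomputes from the URI it receives, so both sides have to normalize the same way; if the delivery side ever changes its normalization, valid links would silently fail the check again rather than trip a test. I would extend the existing comment block with `// Compute the token from the normalized URI so that it matches what the derivative delivery callback recomputes, whatever number of slashes the caller put in $path.` so the coupling is explicit to the next maintainer. Binding the normalized value to a local such as `$normalized_path` would also keep the new line within the usual width.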
diff --git a/modules/image/image.test b/modules/image/image.test
index d4db213..cb4ce48 100644
--- a/modules/image/image.test
+++ b/modules/image/image.test
@@ -168,9 +168,16 @@ class ImageStylesPathAndUrlTestCase extends DrupalWebTestCase {
}
/**
+ * Test image_style_url() with a file URL that has an extra slash in it.
+ */
+ function testImageStyleUrlExtraSlash() {
+ $this->_testImageStyleUrlAndPath('public', TRUE, TRUE);
+ }
+
+ /**
* Test image_style_url().
*/
- function _testImageStyleUrlAndPath($scheme, $clean_url = TRUE) {
+ function _testImageStyleUrlAndPath($scheme, $clean_url = TRUE, $extra_slash = FALSE) {
// Make the default scheme neither "public" nor "private" to verify the
// functions work for other than the default scheme.
variable_set('file_default_scheme', 'temporary');
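Review bot: `testImageStyleUrlExtraSlash()` exercises the extra-slash case only for the public scheme with clean URLs, while the token check this commit repairs also applies to the private scheme, where derivatives are served through Drupal rather than directly by the web server, and to non-clean URLs, and the helper already accepts both variations. Adding `$this->_testImageStyleUrlAndPath('private', TRUE, TRUE);` and `$this->_testImageStyleUrlAndPath('public', FALSE, TRUE);` to the new test would cover those delivery paths as well. The new `$extra_slash` parameter of `_testImageStyleUrlAndPath()` is also undocumented; its docblock should state that, when TRUE, the derivative is requested through a URI with `:///` in place of `://` to confirm the token still validates. The helper's body continues outside this hunk.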
@@ -196,6 +203,15 @@ class ImageStylesPathAndUrlTestCase extends DrupalWebTestCase {
$this->assertFalse(file_exists($generated_uri), t('Generated file does not exist.'));
$generate_url = image_style_url($this->style_name, $original_uri);
+ // Ensure that the tests still pass when the file is generated by accessing
+ // a poorly constructed (but still valid) file URL that has an extra slash
+ // in it.
+ if ($extra_slash) {
+ $modified_uri = str_replace('://', ':///', $original_uri);
+ $this->assertNotEqual($original_uri, $modified_uri, 'An extra slash was added to the generated file URI.');
+ $generate_url = image_style_url($this->style_name, $modified_uri);
+ }
+
if (!$clean_url) {
$this->assertTrue(strpos($generate_url, '?q=') !== FALSE, 'When using non-clean URLS, the system path contains the query string.');
}