suggestions please "what should i watch for/guard against' in a file upload situation?"

Steven D'Aprano steve-REMOVE-THIS at cybersource.com.au
Wed Oct 6 18:33:19 EDT 2010


On Wed, 06 Oct 2010 09:02:21 -0700, geekbuntu wrote:

> in general, what are things i would want to 'watch for/guard against' in
> a file upload situation?
> 
> i have my file upload working (in the self-made framework @ work without
> any concession for multipart form uploads), but was told to make sure
> it's cleansed and cannot do any harm inside the system.

Make sure *what* is cleansed? Your code? The uploaded files? Define 
"cleansed".

Do you have to block viruses, malware, spybots, illegal pornography, 
legal pornography, illegal content, warez, copyright violations, stolen 
trade secrets, "dirty" words, pictures of cats?

What operating system are you uploading to?

What happens if somebody tries to upload a 1 TB file to your server?

What happens if they try to upload a billion 1 KB files instead?


 
> my checklist so far is basically to check the extension - ensure it has
> 3 places, ensure it's in the allowed list (like jpg gif etc...).

Do you have something against file extensions like .gz or .jpeg ?

I'm not sure why you think you need to check the file extension.

 
> not sure what else i could do to guard against anything bad happening. 
> maybe the file name itself could cause grief?

You think? :)

What happens if the file name has characters in it that your file system 
can't deal with? Bad unicode, binary bytes, slashes, colons, question 
marks, asterisks, etc.

What about trying to break out of your file storage area using .. paths?

Without knowing what your file upload code actually does, it's hard to 
give specific advice.


-- 
Steven
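
The questions in the reply above about oversized uploads, file-name characters the file system can't handle, and `..` paths, worked into a check. This is an added example, not part of the original post; the 5 MB cap, the allowed character set and the names `safe_name`, `resolve_in` and `save_upload` are assumptions.

```python
import re
import unicodedata
from pathlib import Path

MAX_BYTES = 5 * 1024 * 1024                 # assumed per-file cap
UNSAFE = re.compile(r"[^A-Za-z0-9._-]")     # assumed allow-list, inverted

class UploadRejected(ValueError):
    """Raised when an upload fails a name or size check."""

def safe_name(client_name: str) -> str:
    """Reduce a client-supplied file name to a harmless base name."""
    # Treat both / and \ as separators, whatever OS the server runs on.
    base = client_name.replace("\\", "/").rsplit("/", 1)[-1]
    base = unicodedata.normalize("NFKC", base)
    # Replace everything outside the allow-list; drop leading dots ("..", ".htaccess").
    base = UNSAFE.sub("_", base).lstrip(".")[:100]
    if not base:
        raise UploadRejected("file name is empty after sanitising")
    return base

def resolve_in(upload_dir: Path, client_name: str) -> Path:
    """Return the storage path, refusing anything outside upload_dir."""
    root = upload_dir.resolve()
    target = (root / safe_name(client_name)).resolve()
    if target.parent != root:               # also catches symlinks pointing elsewhere
        raise UploadRejected("path escapes the upload directory")
    return target

def save_upload(stream, upload_dir, client_name, max_bytes=MAX_BYTES) -> Path:
    """Copy stream to disk in chunks, aborting once max_bytes is exceeded."""
    target = resolve_in(Path(upload_dir), client_name)
    written = 0
    try:
        with open(target, "xb") as out:     # "x": never overwrite an existing file
            while chunk := stream.read(64 * 1024):
                written += len(chunk)
                if written > max_bytes:     # do not trust a declared Content-Length
                    raise UploadRejected("upload exceeds size limit")
                out.write(chunk)
    except UploadRejected:
        target.unlink(missing_ok=True)      # remove the partial file
        raise
    return target
```

The "billion 1 KB files" case is not covered here; it needs a per-client count or quota kept outside this function.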


