mirror of https://github.com/MISP/MISP
fix: Fixed several issues with the template file uploads, fixes #1743
- Bug with uploading attachments as described in the issue - move from pass by reference for a loop was still lacking the correct selector to update the array element instead of the loop's copy - attachment uploader tried to base64 the file-name instead of the file-data and store it as the attachment - Fix to an unrelated bug that didn't encrypt malicious files when going through the template uploaderpull/1754/head
parent
f8ddffd281
commit
8f4f1d2b46
|
@ -330,10 +330,14 @@ class TemplatesController extends AppController {
|
|||
$file = new File(APP . 'tmp/files/' . $attribute['data']);
|
||||
$content = $file->read();
|
||||
$attributes[$k]['data'] = base64_encode($content);
|
||||
if ($this->Event->Attribute->typeIsMalware($attributes[$k]['type'])) {
|
||||
$hashes = $this->Event->Attribute->handleMaliciousBase64($event_id, explode('|', $attributes[$k]['value'])[0], $attributes[$k]['data'], array('md5'));
|
||||
$attributes[$k]['data'] = $hashes['data'];
|
||||
}
|
||||
$file->delete();
|
||||
}
|
||||
$this->Attribute->create();
|
||||
if (!$this->Attribute->save(array('Attribute' => $attribute))) $fails++;
|
||||
if (!$this->Attribute->save(array('Attribute' => $attributes[$k]))) $fails++;
|
||||
}
|
||||
$count = isset($k) ? $k + 1 : 0;
|
||||
$event = $this->Event->find('first', array(
|
||||
|
@ -385,7 +389,6 @@ class TemplatesController extends AppController {
|
|||
} else {
|
||||
$this->set('upload_error', false);
|
||||
}
|
||||
|
||||
$this->set('result', $result);
|
||||
$this->set('filenames', $filenames);
|
||||
$this->set('fileArray', json_encode($fileArray));
|
||||
|
|
Loading…
Reference in New Issue