Commit ad0d4c8d authored by Geoffrey Métais's avatar Geoffrey Métais

Prevent file overwrite from external media uri

Thank to Sergey Toshin for pointing this security flaw
parent fe19149b
......@@ -360,11 +360,10 @@ public class FileUtils {
cursor = ctx.getContentResolver().query(data,
new String[]{MediaStore.MediaColumns.DISPLAY_NAME}, null, null, null);
if (cursor != null && cursor.moveToFirst()) {
String filename = cursor.getString(cursor.getColumnIndex(MediaStore.MediaColumns.DISPLAY_NAME));
final String filename = cursor.getString(cursor.getColumnIndex(MediaStore.MediaColumns.DISPLAY_NAME)).replace("/", "");
Log.i(TAG, "Getting file " + filename + " from content:// URI");
is = ctx.getContentResolver().openInputStream(data);
if (is == null)
return data;
if (is == null) return data;
os = new FileOutputStream(AndroidDevices.EXTERNAL_PUBLIC_DIRECTORY + "/Download/" + filename);
final byte[] buffer = new byte[1024];
int bytesRead;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment