This repository has been archived by the owner on Jan 16, 2024. It is now read-only.

Dragonfly possible injection attack #40

Open
aaronrussell opened this issue Apr 24, 2017 · 0 comments

Comments

@aaronrussell
Contributor

The bug tracker on one of our sites is being flooded with requests similar to:

/media/image_path.jpg?style=245x320# UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ggwd

Resulting in params:

{
  "style": "245x320# UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ggwd"
}

And is raising an error:

ArgumentError: Didn't recognise the geometry string 245x320# UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- ggwd

I don't think there's an actual security risk here, but it would be nice to have someone else review the code. Additionally, maybe the style regex can extract the intended parameter more strictly and ignore the rest.
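As an added illustration of the stricter extraction suggested above (example code, not from the Dragonfly project or this issue's author): an allow-list validator for the `style` parameter that accepts only a complete, well-formed geometry string and returns nil for anything else, so the payload from the report is rejected before the geometry parser ever sees it. The geometry grammar (`WxH`, optional `!`/`>`/`<` flag, or `#` crop with an optional compass point) and the size limit are assumptions modelled on Dragonfly-style thumb strings.

```ruby
# Added example: strict allow-list for a Dragonfly-style `style` parameter.
# Assumed grammar (not taken from Dragonfly's own source): "245x320", "245x",
# "x320", "245x320!", "245x320>", "245x320<", "245x320#", "245x320#ne".
# The regex is anchored with \A and \z so nothing may follow the geometry;
# in extended (/x) mode "#" starts a comment, hence the escaped \#.
GEOMETRY_RE = /\A
  (?<width>\d{1,4})?x(?<height>\d{1,4})?
  (?:(?<flag>[!><])|\#(?<gravity>n|ne|e|se|s|sw|w|nw|c)?)?
\z/x

MAX_DIMENSION = 4096 # assumed upper bound; tune to the site's needs

# Returns the geometry string unchanged when it is exactly one well-formed
# geometry, otherwise nil. No exception is raised for junk input, so a
# flood of malformed requests does not fill the bug tracker.
def sanitize_style(raw)
  return nil unless raw.is_a?(String)
  m = GEOMETRY_RE.match(raw)
  return nil unless m
  w, h = m[:width], m[:height]
  return nil if w.nil? && h.nil?               # a bare "x" is not a size
  return nil if [w, h].compact.any? { |d| d.to_i.zero? || d.to_i > MAX_DIMENSION }
  m[0]
end

# Separates the accept/reject decision from what gets logged: a rejected
# value is truncated so an oversized payload cannot bloat the log line.
def classify_style(raw)
  geometry = sanitize_style(raw)
  geometry ? [:ok, geometry] : [:rejected, raw.to_s[0, 64]]
end
```

The request from the report, `245x320# UNION ALL SELECT ...`, classifies as `:rejected`; a bare `245x320#` is still accepted.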
