
[Security] Path Traversal

Open fuzzyroddis opened this issue 8 years ago • 2 comments

mv secret_icon.png ~/secret_icon.png
echo -n "../secret_icon" | nc -u localhost 1738

What should happen: A question mark icon is displayed as no valid icon was found in ~/.AnyBar

What happens: The secret icon is displayed which is located at ~/.AnyBar/../secret_icon.png

I can't think of a way to exploit it however.

fuzzyroddis, Sep 06 '17 09:09

Problem Line: https://github.com/tonsky/AnyBar/blob/master/AnyBar/AppDelegate.m#L132

One Kind of Fix: Use a regular expression to limit image file names to [a-zA-Z0-9.-_]

fuzzyroddis, Sep 06 '17 09:09
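A hardened version of the icon lookup, as an added example and not code from AnyBar (the app is Objective-C; this is Python with a constructed icon directory). It also shows why the class `[a-zA-Z0-9.-_]` suggested above needs care: inside brackets, `.-_` is a range from `.` (0x2E) to `_` (0x5F), which contains `/` (0x2F), so read literally it still admits `../secret_icon`.

```python
import os
import re
from typing import Optional

# The character class from the issue comment, as written. The sequence ".-_"
# is a RANGE '.'..'_' that includes '/', so "../secret_icon" passes.
PROPOSED_RE = re.compile(r"^[a-zA-Z0-9.-_]+$")

# Hardened whitelist: '-' is placed last so it is a literal, the first
# character may not be '.', so "." and ".." are rejected, and the length is
# bounded. Anything else falls back to the question-mark icon.
STRICT_RE = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}$")


def proposed_accepts(name: str) -> bool:
    """Whether the issue's regex, read literally, accepts the name."""
    return PROPOSED_RE.fullmatch(name) is not None


def strict_accepts(name: str) -> bool:
    """Whether the hardened whitelist accepts the name."""
    return STRICT_RE.fullmatch(name) is not None


def icon_path(name: str, icon_dir: str) -> Optional[str]:
    """Map an icon name received over UDP to <icon_dir>/<name>.png.

    Returns None when the name must be rejected. Two independent checks:
    the whitelist, and a containment check on the resolved path so that a
    symlink or any bypass of the first check still cannot escape icon_dir.
    """
    if not strict_accepts(name):
        return None
    base = os.path.realpath(icon_dir)
    candidate = os.path.realpath(os.path.join(base, name + ".png"))
    if os.path.dirname(candidate) != base:
        return None
    return candidate


if __name__ == "__main__":
    # Constructed directory standing in for ~/.AnyBar.
    icons = "/tmp/anybar_icons"
    print(proposed_accepts("../secret_icon"))   # True: the proposed class leaks
    print(icon_path("../secret_icon", icons))   # None: rejected
    print(icon_path("green", icons))            # .../anybar_icons/green.png
```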

Although I agree it sounds insecure, it's all limited to the local machine, and the worst that could happen is you see the image on your own screen. I'll think about what I can do about it.


tonsky, Sep 06 '17 09:09