Merge remote-tracking branch 'origin/v13/dev' into v14/dev

# Conflicts: # build/azure-pipelines.yml # src/Umbraco.Cms.Api.Delivery/Controllers/DeliveryApiControllerBase.cs # src/Umbraco.Core/DependencyInjection/UmbracoBuilder.cs # src/Umbraco.Infrastructure/PropertyEditors/FileUploadPropertyValueEditor.cs # src/Umbraco.Infrastructure/PropertyEditors/ImageCropperPropertyValueEditor.cs # src/Umbraco.Web.BackOffice/Controllers/MediaController.cs # tests/Umbraco.Tests.Integration/Umbraco.Infrastructure/Packaging/PackageDataInstallationTests.cs # tests/Umbraco.Tests.Integration/Umbraco.Infrastructure/Services/LocalizationServiceTests.cs
2023-08-28 11:46:22 +02:00
parent b17a7689ab d43e6abc8b
commit 6fbf04592c
126 changed files with 2396 additions and 831 deletions
--- a/src/Umbraco.Core/Security/FileStreamSecurityValidator.cs
+++ b/src/Umbraco.Core/Security/FileStreamSecurityValidator.cs
@@ -0,0 +1,38 @@
+namespace Umbraco.Cms.Core.Security;
+
+public class FileStreamSecurityValidator : IFileStreamSecurityValidator
+{
+    private readonly IEnumerable<IFileStreamSecurityAnalyzer> _fileAnalyzers;
+
+    public FileStreamSecurityValidator(IEnumerable<IFileStreamSecurityAnalyzer> fileAnalyzers)
+    {
+        _fileAnalyzers = fileAnalyzers;
+    }
+
+    /// <summary>
+    /// Analyzes whether the file content is considered safe with registered IFileStreamSecurityAnalyzers
+    /// </summary>
+    /// <param name="fileStream">Needs to be a Read seekable stream</param>
+    /// <returns>Whether the file is considered safe after running the necessary analyzers</returns>
+    public bool IsConsideredSafe(Stream fileStream)
+    {
+        foreach (var fileAnalyzer in _fileAnalyzers)
+        {
+            fileStream.Seek(0, SeekOrigin.Begin);
+            if (!fileAnalyzer.ShouldHandle(fileStream))
+            {
+                continue;
+            }
+
+            fileStream.Seek(0, SeekOrigin.Begin);
+            if (fileAnalyzer.IsConsideredSafe(fileStream) == false)
+            {
+                return false;
+            }
+        }
+        fileStream.Seek(0, SeekOrigin.Begin);
+        // If no analyzer we consider the file to be safe as the implementer has the possibility to add additional analyzers
+        // Or all analyzers deem te file to be safe
+        return true;
+    }
+}
--- a/src/Umbraco.Core/Security/IFileStreamSecurityAnalyzer.cs
+++ b/src/Umbraco.Core/Security/IFileStreamSecurityAnalyzer.cs
@@ -0,0 +1,20 @@
+namespace Umbraco.Cms.Core.Security;
+
+public interface IFileStreamSecurityAnalyzer
+{
+
+    /// <summary>
+    /// Indicates whether the analyzer should process the file
+    /// The implementation should be considerably faster than IsConsideredSafe
+    /// </summary>
+    /// <param name="fileStream"></param>
+    /// <returns></returns>
+    bool ShouldHandle(Stream fileStream);
+
+    /// <summary>
+    /// Analyzes whether the file content is considered safe
+    /// </summary>
+    /// <param name="fileStream">Needs to be a Read/Write seekable stream</param>
+    /// <returns>Whether the file is considered safe</returns>
+    bool IsConsideredSafe(Stream fileStream);
+}
--- a/src/Umbraco.Core/Security/IFileStreamSecurityValidator.cs
+++ b/src/Umbraco.Core/Security/IFileStreamSecurityValidator.cs
@@ -0,0 +1,11 @@
+namespace Umbraco.Cms.Core.Security;
+
+public interface IFileStreamSecurityValidator
+{
+    /// <summary>
+    /// Analyzes wether the file content is considered safe with registered IFileStreamSecurityAnalyzers
+    /// </summary>
+    /// <param name="fileStream">Needs to be a Read seekable stream</param>
+    /// <returns>Whether the file is considered safe after running the necessary analyzers</returns>
+    bool IsConsideredSafe(Stream fileStream);
+}