uploads_controller.rb
Severity: Critical
Command Injection
Discovered over 4 years ago
Source: static code analysis
Category: Command Injection
Confidence level: High

Problem

Possible command injection

Location

app/controllers/uploads_controller.rb:80

`convert #{(FileHelper.download(url, [SiteSetting.max_image_size_kb, SiteSetting.max_attachment_size_kb].max.kilobytes, "discourse-upload-#{type}") rescue nil or file.tempfile).path} -quality #{SiteSetting.convert_pasted_images_quality} #{"#{File.dirname((FileHelper.download(url, [SiteSetting.max_image_size_kb, SiteSetting.max_attachment_size_kb].max.kilobytes, "discourse-upload-#{type}") rescue nil or file.tempfile).path)}/image.jpg"}`

Category description: Command injection occurs when shell commands unsafely include user-manipulatable values.

Solution: fix the issue in app/controllers/uploads_controller.rb or mark it as false positive.

upload.rb
Severity: Severe
Command Injection
Discovered over 4 years ago
Source: static code analysis
Category: Command Injection
Confidence level: Medium

Problem

Possible command injection

Location

app/models/upload.rb:249

`convert #{path} -auto-orient #{path}`

Category description: Command injection occurs when shell commands unsafely include user-manipulatable values.

Solution: fix the issue in app/models/upload.rb or mark it as false positive.

optimized_image.rb
Severity: Severe
Command Injection
Discovered over 4 years ago
Source: static code analysis
Category: Command Injection
Confidence level: Medium

Problem

Possible command injection

Location

app/models/optimized_image.rb:218

`#{instructions.join(" ")} &> /dev/null`

Category description: Command injection occurs when shell commands unsafely include user-manipulatable values.

Solution: fix the issue in app/models/optimized_image.rb or mark it as false positive.