From 39642ec2b4464f17db5c6f17dbaf620c8015f2cf Mon Sep 17 00:00:00 2001
From: Aevann <randomname42029@gmail.com>
Date: Fri, 15 Sep 2023 01:40:25 +0300
Subject: [PATCH] patch exploit

---
 files/routes/asset_submissions.py | 4 ++++
 files/routes/settings.py          | 1 +
 2 files changed, 5 insertions(+)

diff --git a/files/routes/asset_submissions.py b/files/routes/asset_submissions.py
index 2bb330248..0a0f485c0 100644
--- a/files/routes/asset_submissions.py
+++ b/files/routes/asset_submissions.py
@@ -85,6 +85,7 @@ def submit_emoji(v):
 
 	highquality = f'/asset_submissions/emojis/{name}'
 	file.save(highquality)
+	process_image(highquality, v) #to ensure not malware
 
 	filename = f'/asset_submissions/emojis/{name}.webp'
 	copyfile(highquality, filename)
@@ -298,6 +299,7 @@ def submit_hat(v):
 
 	highquality = f'/asset_submissions/hats/{name}'
 	file.save(highquality)
+	process_image(highquality, v) #to ensure not malware
 
 	with Image.open(highquality) as i:
 		if i.width > 100 or i.height > 130:
@@ -435,6 +437,7 @@ def update_emoji(v):
 
 		highquality = f"/asset_submissions/emojis/{name}"
 		file.save(highquality)
+		process_image(highquality, v) #to ensure not malware
 		with Image.open(highquality) as i:
 			format = i.format.lower()
 		new_path = f'/asset_submissions/emojis/original/{name}.{format}'
@@ -509,6 +512,7 @@ def update_hat(v):
 
 	highquality = f"/asset_submissions/hats/{name}"
 	file.save(highquality)
+	process_image(highquality, v) #to ensure not malware
 
 	with Image.open(highquality) as i:
 		if i.width > 100 or i.height > 130:
diff --git a/files/routes/settings.py b/files/routes/settings.py
index 04b22f768..5e6292020 100644
--- a/files/routes/settings.py
+++ b/files/routes/settings.py
@@ -777,6 +777,7 @@ def settings_song_change_mp3(v):
 
 	name = f'/songs/{song}.mp3'
 	file.save(name)
+	process_audio(file, v) #to ensure not malware
 
 	size = os.stat(name).st_size
 	if size > 8 * 1024 * 1024: