Upload: Reject files that exceed the originals limit #4929 #4895 #2049

Signed-off-by: Michael Mayer <michael@photoprism.app>

internal/api/users_upload.go

@@ -92,6 +92,7 @@ func UploadUserFiles(router *gin.RouterGroup) {
 		allowedExt := conf.UploadAllow()
 		rejectArchives := !conf.UploadArchives()
 		rejectRaw := conf.DisableRaw()
+		sizeLimit := conf.OriginalsLimitBytes()
 
 		// Save uploaded files and append their names
 		// to "uploads" if they pass all checks.
@@ -107,6 +108,9 @@ func UploadUserFiles(router *gin.RouterGroup) {
 			} else if allowedExt.Excludes(fileType.DefaultExt()) {
 				log.Errorf("upload: rejected %s because its extension is not allowed", clean.Log(baseName))
 				continue
+			} else if sizeLimit > 0 && file.Size > sizeLimit {
+				log.Errorf("upload: rejected %s because its size exceeds the file size limit", clean.Log(baseName))
+				continue
 			}
 
 			// Save uploaded file in the user upload path.
@@ -128,7 +132,7 @@ func UploadUserFiles(router *gin.RouterGroup) {
 					continue
 				}
 
-				zipFiles, zipErr := fs.Unzip(destName, uploadDir)
+				zipFiles, zipErr := fs.Unzip(destName, uploadDir, sizeLimit)
 
 				logWarn("upload", os.Remove(destName))
 

internal/commands/commands_test.go

@@ -15,6 +15,8 @@ import (
 )
 
 func TestMain(m *testing.M) {
+	_ = os.Setenv("TF_CPP_MIN_LOG_LEVEL", "2")
+
 	log = logrus.StandardLogger()
 	log.SetLevel(logrus.TraceLevel)
 	event.AuditLog = log

internal/config/test.go

@@ -347,7 +347,7 @@ func (c *Config) DownloadTestData() error {
 
 // UnzipTestData extracts tests files from the zip archive.
 func (c *Config) UnzipTestData() error {
-	if _, err := fs.Unzip(TestDataZip, c.StoragePath()); err != nil {
+	if _, err := fs.Unzip(TestDataZip, c.StoragePath(), 2*fs.GB); err != nil {
 		return fmt.Errorf("config: could not unzip test data: %s", err.Error())
 	}
 

pkg/fs/zip.go

@@ -91,7 +91,7 @@ func ZipFile(zipWriter *zip.Writer, fileName, fileAlias string, compress bool) (
 }
 
 // Unzip extracts the contents of a zip file to the target directory.
-func Unzip(zipName, dir string) (files []string, err error) {
+func Unzip(zipName, dir string, sizeLimit int64) (files []string, err error) {
 	zipReader, err := zip.OpenReader(zipName)
 
 	if err != nil {
@@ -104,6 +104,8 @@ func Unzip(zipName, dir string) (files []string, err error) {
 		// Skip directories like __OSX and potentially malicious file names containing "..".
 		if strings.HasPrefix(zipFile.Name, "__") || strings.Contains(zipFile.Name, "..") {
 			continue
+		} else if sizeLimit > 0 && zipFile.UncompressedSize64 > uint64(sizeLimit) {
+			continue
 		}
 
 		fileName, unzipErr := UnzipFile(zipFile, dir)

pkg/fs/zip_test.go

@@ -27,7 +27,7 @@ func TestZip(t *testing.T) {
 			t.Logf("%s: %d bytes", zipName, info.Size())
 		}
 
-		if unzipFiles, err := Unzip(zipName, unzipDir); err != nil {
+		if unzipFiles, err := Unzip(zipName, unzipDir, 2*GB); err != nil {
 			t.Error(err)
 		} else {
 			t.Logf("%s: %#v", zipName, unzipFiles)
@@ -59,7 +59,7 @@ func TestZip(t *testing.T) {
 			t.Logf("%s: %d bytes", zipName, info.Size())
 		}
 
-		if unzipFiles, err := Unzip(zipName, unzipDir); err != nil {
+		if unzipFiles, err := Unzip(zipName, unzipDir, 2*GB); err != nil {
 			t.Error(err)
 		} else {
 			t.Logf("%s: %#v", zipName, unzipFiles)