FediBlock
/
backend
Archived
4
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

Add size limit for files.
continuous-integration/drone/push Build is failing Details

This commit is contained in:
tastytea 2020-06-29 22:41:42 +02:00
parent 4ce4fdd4fd
commit 8dd890c200
Signed by: tastytea
GPG Key ID: CFC39497F1B26E07
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/cgi.cpp
View File

@ -58,6 +58,11 @@ entry_type parse_formdata()
const auto screenshot = cgi.getFile("screenshot");
if (screenshot != cgi.getFiles().end())
{
constexpr size_t size_limit{1024 * 1024 * 2}; // 2 MiB.
if (screenshot->getDataLength() > size_limit)
{
throw runtime_error{"Filesize too big"};
}
string filepath{fs::temp_directory_path()
/ "fediblock-backend-XXXXXX"};
if (mkstemp(&filepath[0]) == -1) // mkstemp() modifies filepath.
@ -82,7 +87,7 @@ entry_type parse_formdata()
catch (const exception &e)
{
cerr << e.what() << '\n';
// TODO: Error handling.
// TODO: Make errors visible to the user in a helpful way.
}
return entry;