aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBlackDex <[email protected]>2022-07-27 17:12:04 +0200
committerBlackDex <[email protected]>2022-07-27 17:12:04 +0200
commitabfa8684231c2426e5c8c0228b3f9fa41b62e713 (patch)
tree2924f0534dea51aa00909c1fe816b381530a633a
parent331f6c08fe5e8ad996705c83e47aa12a5651519e (diff)
downloadvaultwarden-abfa8684231c2426e5c8c0228b3f9fa41b62e713.tar.gz
vaultwarden-abfa8684231c2426e5c8c0228b3f9fa41b62e713.zip
Mitigate attachment/send upload issues
This PR attends to mitigate (not fix) #2644. There seems to be an issue when uploading files either as attachment or via send via the mobile (Android) client. The binary data gets transfered correctly to Vaultwarden (Checked via Wireshark), but the data is not parsed correctly for some reason. Since the parsing is not done by Vaultwarden it self, i think we should at least try to prevent saving the data and letting users think all fine. Further investigation is needed to actually fix this issue. This is just a quick patch.
-rw-r--r--src/api/core/ciphers.rs11
-rw-r--r--src/api/core/sends.rs11
2 files changed, 22 insertions, 0 deletions
diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs
index 52919273..b491424e 100644
--- a/src/api/core/ciphers.rs
+++ b/src/api/core/ciphers.rs
@@ -947,6 +947,17 @@ async fn save_attachment(
let mut data = data.into_inner();
+ // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?)
+ // See: https://github.com/dani-garcia/vaultwarden/issues/2644
+ // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now.
+ // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken.
+ if let TempFile::Buffered {
+ content: _,
+ } = &data.data
+ {
+ err!("Error reading attachment data. Please try an other client.");
+ }
+
if let Some(size_limit) = size_limit {
if data.data.len() > size_limit {
err!("Attachment storage limit exceeded with this file");
diff --git a/src/api/core/sends.rs b/src/api/core/sends.rs
index ddf23392..4f3291dc 100644
--- a/src/api/core/sends.rs
+++ b/src/api/core/sends.rs
@@ -216,6 +216,17 @@ async fn post_send_file(data: Form<UploadData<'_>>, headers: Headers, conn: DbCo
err!("Send content is not a file");
}
+ // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?)
+ // See: https://github.com/dani-garcia/vaultwarden/issues/2644
+ // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now.
+ // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken.
+ if let TempFile::Buffered {
+ content: _,
+ } = &data
+ {
+ err!("Error reading send file data. Please try an other client.");
+ }
+
let size = data.len();
if size > size_limit {
err!("Attachment storage limit exceeded with this file");