aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel GarcĂ­a <[email protected]>2022-07-27 17:39:07 +0200
committerGitHub <[email protected]>2022-07-27 17:39:07 +0200
commitce9d93003cd37a79edba1ba830a6c6d3fa22c2c8 (patch)
tree2924f0534dea51aa00909c1fe816b381530a633a
parent331f6c08fe5e8ad996705c83e47aa12a5651519e (diff)
parentabfa8684231c2426e5c8c0228b3f9fa41b62e713 (diff)
downloadvaultwarden-ce9d93003cd37a79edba1ba830a6c6d3fa22c2c8.tar.gz
vaultwarden-ce9d93003cd37a79edba1ba830a6c6d3fa22c2c8.zip
Merge pull request #2650 from BlackDex/mitigate-mobile-client-uploads1.25.2
Mitigate attachment/send upload issues
-rw-r--r--src/api/core/ciphers.rs11
-rw-r--r--src/api/core/sends.rs11
2 files changed, 22 insertions, 0 deletions
diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs
index 52919273..b491424e 100644
--- a/src/api/core/ciphers.rs
+++ b/src/api/core/ciphers.rs
@@ -947,6 +947,17 @@ async fn save_attachment(
let mut data = data.into_inner();
+ // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?)
+ // See: https://github.com/dani-garcia/vaultwarden/issues/2644
+ // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now.
+ // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken.
+ if let TempFile::Buffered {
+ content: _,
+ } = &data.data
+ {
+ err!("Error reading attachment data. Please try an other client.");
+ }
+
if let Some(size_limit) = size_limit {
if data.data.len() > size_limit {
err!("Attachment storage limit exceeded with this file");
diff --git a/src/api/core/sends.rs b/src/api/core/sends.rs
index ddf23392..4f3291dc 100644
--- a/src/api/core/sends.rs
+++ b/src/api/core/sends.rs
@@ -216,6 +216,17 @@ async fn post_send_file(data: Form<UploadData<'_>>, headers: Headers, conn: DbCo
err!("Send content is not a file");
}
+ // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?)
+ // See: https://github.com/dani-garcia/vaultwarden/issues/2644
+ // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now.
+ // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken.
+ if let TempFile::Buffered {
+ content: _,
+ } = &data
+ {
+ err!("Error reading send file data. Please try an other client.");
+ }
+
let size = data.len();
if size > size_limit {
err!("Attachment storage limit exceeded with this file");