diff options
author | Daniel GarcĂa <[email protected]> | 2022-07-27 17:39:07 +0200 |
---|---|---|
committer | GitHub <[email protected]> | 2022-07-27 17:39:07 +0200 |
commit | ce9d93003cd37a79edba1ba830a6c6d3fa22c2c8 (patch) | |
tree | 2924f0534dea51aa00909c1fe816b381530a633a | |
parent | 331f6c08fe5e8ad996705c83e47aa12a5651519e (diff) | |
parent | abfa8684231c2426e5c8c0228b3f9fa41b62e713 (diff) | |
download | vaultwarden-ce9d93003cd37a79edba1ba830a6c6d3fa22c2c8.tar.gz vaultwarden-ce9d93003cd37a79edba1ba830a6c6d3fa22c2c8.zip |
Merge pull request #2650 from BlackDex/mitigate-mobile-client-uploads1.25.2
Mitigate attachment/send upload issues
-rw-r--r-- | src/api/core/ciphers.rs | 11 | ||||
-rw-r--r-- | src/api/core/sends.rs | 11 |
2 files changed, 22 insertions, 0 deletions
diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs index 52919273..b491424e 100644 --- a/src/api/core/ciphers.rs +++ b/src/api/core/ciphers.rs @@ -947,6 +947,17 @@ async fn save_attachment( let mut data = data.into_inner(); + // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?) + // See: https://github.com/dani-garcia/vaultwarden/issues/2644 + // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now. + // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken. + if let TempFile::Buffered { + content: _, + } = &data.data + { + err!("Error reading attachment data. Please try an other client."); + } + if let Some(size_limit) = size_limit { if data.data.len() > size_limit { err!("Attachment storage limit exceeded with this file"); diff --git a/src/api/core/sends.rs b/src/api/core/sends.rs index ddf23392..4f3291dc 100644 --- a/src/api/core/sends.rs +++ b/src/api/core/sends.rs @@ -216,6 +216,17 @@ async fn post_send_file(data: Form<UploadData<'_>>, headers: Headers, conn: DbCo err!("Send content is not a file"); } + // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?) + // See: https://github.com/dani-garcia/vaultwarden/issues/2644 + // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now. + // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken. + if let TempFile::Buffered { + content: _, + } = &data + { + err!("Error reading send file data. Please try an other client."); + } + let size = data.len(); if size > size_limit { err!("Attachment storage limit exceeded with this file"); |