From e6eeeb7ff9b50163f526297450321f8a47e4fb17 Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Mon, 27 Jun 2016 22:49:00 +0200
Subject: enforce maximum file size

diff --git a/rhimport/core.go b/rhimport/core.go
index 7880d95..6a495a4 100644
--- a/rhimport/core.go
+++ b/rhimport/core.go
@@ -37,6 +37,8 @@ import (
 const (
 CART_MAX = 999999
 CUT_MAX = 999
+ // not sure if rdxport.cgi can handle filesizes > MAX(INT32)
+ FILESIZE_MAX = (2 * 1024 * 1024 * 1024) - 1
 )
 
 var (
diff --git a/rhimport/fetcher.go b/rhimport/fetcher.go
index d923f24..5fa442e 100644
--- a/rhimport/fetcher.go
+++ b/rhimport/fetcher.go
@@ -111,6 +111,12 @@ func curlProgressCallback(dltotal, dlnow, ultotal, ulnow float64, userdata inter
 return false
 }
 
+ if dltotal > float64(FILESIZE_MAX) {
+ data.res.ResponseCode = http.StatusRequestEntityTooLarge
+ data.res.ErrorString = "file exceeds maximum file size"
+ return false
+ }
+
 if data.ctx.ProgressCallBack != nil {
 if keep := data.ctx.ProgressCallBack(1, "downloading", dlnow, dltotal, data.ctx.ProgressCallBackData); !keep {
 data.ctx.ProgressCallBack = nil
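Review bot: The new guard in curlProgressCallback only fires when libcurl knows the total size up front; for a response without a Content-Length (chunked or streamed) libcurl passes dltotal as 0, so an oversized download sails past the check and the limit is not enforced on precisely the transfers where a cap matters. Comparing the bytes received so far as well closes that gap: `if dltotal > float64(FILESIZE_MAX) || dlnow > float64(FILESIZE_MAX) {`, assuming that returning false here aborts the transfer the way the existing cancel path just above relies on. The three-line 413 block added here is repeated verbatim in the fetchFileDir and fetchFileAttachment hunks; a small helper such as `func setTooLarge(res *Result)` that assigns ResponseCode and ErrorString would keep the status and message in one place. curlProgressCallback continues outside the hunk.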
@@ -301,29 +307,35 @@ func fetchFileDir(ctx *Context, res *Result, uri *url.URL, dir string) (err erro
 res.ErrorString = fmt.Sprintf("local-file open(): %s", err)
 return nil
 }
- size := float64(0)
+ defer src.Close()
+
+ size := int64(0)
 if info, err := src.Stat(); err != nil {
 res.ResponseCode = http.StatusBadRequest
 res.ErrorString = fmt.Sprintf("local-file stat(): %s", err)
 return nil
 } else {
- size = float64(info.Size())
+ size = info.Size()
 if info.IsDir() {
 res.ResponseCode = http.StatusBadRequest
 res.ErrorString = fmt.Sprintf("'%s' is a directory", ctx.SourceFile)
 return nil
 }
 }
 
+ if size > FILESIZE_MAX {
+ res.ResponseCode = http.StatusRequestEntityTooLarge
+ res.ErrorString = "file exceeds maximum file size"
+ return nil
+ }
+
 if ctx.ProgressCallBack != nil {
- if keep := ctx.ProgressCallBack(1, "fetching", 0.0, size, ctx.ProgressCallBackData); !keep {
+ if keep := ctx.ProgressCallBack(1, "fetching", 0.0, float64(size), ctx.ProgressCallBackData); !keep {
 ctx.ProgressCallBack = nil
 }
 }
- src.Close()
-
 if ctx.ProgressCallBack != nil {
- if keep := ctx.ProgressCallBack(1, "fetching", size, size, ctx.ProgressCallBackData); !keep {
+ if keep := ctx.ProgressCallBack(1, "fetching", float64(size), float64(size), ctx.ProgressCallBackData); !keep {
 ctx.ProgressCallBack = nil
 }
 }
@@ -377,7 +389,7 @@ func writeAttachmentFile(ctx *Context, res *Result, sizeTotal uint64, src *os.Fi
 cancel = make(<-chan bool)
 }
 
- written := 0
+ written := uint64(0)
 for {
 select {
 case <-cancel:
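Review bot: The `} else {` kept in fetchFileDir is now the only reason the size assignment and directory check sit a level deeper than the error paths around them; the `if` before it returns, so the stat, directory and new size checks read more clearly as a flat run of guard clauses with `size` declared once from `info.Size()`. Behaviour is unchanged, including the new `defer src.Close()` and the 413 response for oversized files; `err` here is the named result, so `info, err := src.Stat()` at function scope assigns to it rather than shadowing. fetchFileDir starts and ends outside the hunk.
```go
	defer src.Close()

	info, err := src.Stat()
	if err != nil {
		res.ResponseCode = http.StatusBadRequest
		res.ErrorString = fmt.Sprintf("local-file stat(): %s", err)
		return nil
	}
	if info.IsDir() {
		res.ResponseCode = http.StatusBadRequest
		res.ErrorString = fmt.Sprintf("'%s' is a directory", ctx.SourceFile)
		return nil
	}
	size := info.Size()
	if size > FILESIZE_MAX {
		res.ResponseCode = http.StatusRequestEntityTooLarge
		res.ErrorString = "file exceeds maximum file size"
		return nil
	}
	// … unchanged: progress callbacks …
```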
@@ -393,12 +405,18 @@ func writeAttachmentFile(ctx *Context, res *Result, sizeTotal uint64, src *os.Fi
 return nil
 }
 
+ left := sizeTotal - written
+ if int(left) < len(data) {
+ rhl.Printf("attachment fetcher: truncating ")
+ data = data[0:left]
+ }
+
 w, err := src.Write(data)
 if err != nil {
 rhl.Printf("Unable to write file %s: %s", ctx.SourceFile, err)
 return err
 }
- written += w
+ written += uint64(w)
 
 if ctx.ProgressCallBack != nil {
 if keep := ctx.ProgressCallBack(1, "receiving", float64(written), float64(sizeTotal), ctx.ProgressCallBackData); !keep {
@@ -420,12 +438,17 @@ func fetchFileAttachment(ctx *Context, res *Result, uri *url.URL) error {
 return fmt.Errorf("attachement channel is nil")
 }
 
- sizeTotal, err := strconv.ParseUint(uri.Host, 10, 32)
+ sizeTotal, err := strconv.ParseUint(uri.Host, 10, 64)
 if err != nil {
 res.ResponseCode = http.StatusBadRequest
 res.ErrorString = "invalid attachment size (must be a positive integer)"
 return nil
 }
+ if sizeTotal > FILESIZE_MAX {
+ res.ResponseCode = http.StatusRequestEntityTooLarge
+ res.ErrorString = "file exceeds maximum file size"
+ return nil
+ }
 
 basepath, err := ioutil.TempDir(ctx.conf.TempDir, "rhimportd-")
 if err != nil {
-- 
cgit v0.10.2
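Review bot: The truncation branch in writeAttachmentFile logs `"attachment fetcher: truncating "` with a dangling space and no arguments, so the log line records neither which file was affected nor how much was dropped; `rhl.Printf("attachment fetcher: %s: dropping %d bytes beyond announced size %d", ctx.SourceFile, len(data)-int(left), sizeTotal)` would make the event diagnosable. A sender that delivers more than the size it announced in the URI is also silently trimmed to that size, whereas the other hunks in this commit reject size problems with a 4xx response; setting `res.ResponseCode = http.StatusBadRequest` with an ErrorString and returning nil, as fetchFileAttachment does for a bad size, would be consistent and avoids writing a trimmed file that looks complete on disk. After the trim `written` equals `sizeTotal`, so leaving the loop depends on a condition outside this hunk; if that exit is not keyed on `written == sizeTotal`, every further chunk becomes an empty write. The `int(left)` cast is safe on 32-bit targets only because sizeTotal is capped at FILESIZE_MAX before this loop runs (in fetchFileAttachment, presumably the caller), which deserves a comment on that line. writeAttachmentFile starts and ends outside the hunk.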