Enforce Optional File Size Limit in API

2022-02-03 16:07:49 -08:00 · 2022-02-03 16:07:49 -08:00 · 1345cf519b
parent 7d2d3979c1
commit 1345cf519b
3 changed files with 37 additions and 21 deletions
--- a/functionality/filesharing/filesharing_functionality.go
+++ b/functionality/filesharing/filesharing_functionality.go
@ -74,7 +74,7 @@ func (om *OverlayMessage) ShouldAutoDL() bool {

 // DownloadFile given a profile, a conversation handle and a file sharing key, start off a download process
 // to downloadFilePath
-func (f *Functionality) DownloadFile(profile peer.CwtchPeer, conversationID int, downloadFilePath string, manifestFilePath string, key string) {
+func (f *Functionality) DownloadFile(profile peer.CwtchPeer, conversationID int, downloadFilePath string, manifestFilePath string, key string, limit int) {

 	// Store local.filesharing.filekey.manifest as the location of the manifest
 	profile.SetScopedZonedAttribute(attr.LocalScope, attr.FilesharingZone, fmt.Sprintf("%s.manifest", key), manifestFilePath)
@ -82,6 +82,9 @@ func (f *Functionality) DownloadFile(profile peer.CwtchPeer, conversationID int,
 	// Store local.filesharing.filekey.path as the location of the download
 	profile.SetScopedZonedAttribute(attr.LocalScope, attr.FilesharingZone, fmt.Sprintf("%s.path", key), downloadFilePath)

+	// Store local.filesharing.filekey.limit as the max file size of the download
+	profile.SetScopedZonedAttribute(attr.LocalScope, attr.FilesharingZone, fmt.Sprintf("%s.limit", key), strconv.Itoa(limit))
+
 	// Get the value of conversation.filesharing.filekey.manifest.size from `handle`
 	profile.SendScopedZonedGetValToContact(conversationID, attr.ConversationScope, attr.FilesharingZone, fmt.Sprintf("%s.manifest.size", key))
 }
--- a/peer/cwtch_peer.go
+++ b/peer/cwtch_peer.go
@ -1141,26 +1141,39 @@ func (cp *cwtchPeer) eventHandler() {
 					log.Debugf("downloading manifest to %v, file to %v", manifestFilePath, downloadFilePath)
 					var manifest files.Manifest
 					err := json.Unmarshal([]byte(serializedManifest), &manifest)
+
 					if err == nil {
-						manifest.Title = manifest.FileName
-						manifest.FileName = downloadFilePath
-						log.Debugf("saving manifest")
-						err = manifest.Save(manifestFilePath)
-						if err != nil {
-							log.Errorf("could not save manifest: %v", err)
-						} else {
-							tempFile := ""
-							if runtime.GOOS == "android" {
-								tempFile = manifestFilePath[0 : len(manifestFilePath)-len(".manifest")]
-								log.Debugf("derived android temp path: %v", tempFile)
+						// We only need to check the file size here, as manifest is sent to engine and the file created
+						// will be bound to the size advertised in manifest.
+						fileSizeLimitValue, fileSizeLimitExists := cp.GetScopedZonedAttribute(attr.LocalScope, attr.FilesharingZone, fmt.Sprintf("%v.limit", fileKey))
+						if fileSizeLimitExists {
+							fileSizeLimit, err := strconv.Atoi(fileSizeLimitValue)
+							if err == nil {
+								if manifest.FileSizeInBytes >= uint64(fileSizeLimit) {
+									log.Errorf("could not download file, size %v greater than limit %v", manifest.FileSizeInBytes, fileSizeLimitValue)
+								} else {
+									manifest.Title = manifest.FileName
+									manifest.FileName = downloadFilePath
+									log.Debugf("saving manifest")
+									err = manifest.Save(manifestFilePath)
+									if err != nil {
+										log.Errorf("could not save manifest: %v", err)
+									} else {
+										tempFile := ""
+										if runtime.GOOS == "android" {
+											tempFile = manifestFilePath[0 : len(manifestFilePath)-len(".manifest")]
+											log.Debugf("derived android temp path: %v", tempFile)
+										}
+										cp.eventBus.Publish(event.NewEvent(event.ManifestSaved, map[event.Field]string{
+											event.FileKey:            fileKey,
+											event.Handle:             handle,
+											event.SerializedManifest: string(manifest.Serialize()),
+											event.TempFile:           tempFile,
+											event.NameSuggestion:     manifest.Title,
+										}))
+									}
+								}
 							}
-							cp.eventBus.Publish(event.NewEvent(event.ManifestSaved, map[event.Field]string{
-								event.FileKey:            fileKey,
-								event.Handle:             handle,
-								event.SerializedManifest: string(manifest.Serialize()),
-								event.TempFile:           tempFile,
-								event.NameSuggestion:     manifest.Title,
-							}))
 						}
 					} else {
 						log.Errorf("error saving manifest: %v", err)
--- a/testing/filesharing/file_sharing_integration_test.go
+++ b/testing/filesharing/file_sharing_integration_test.go
@ -58,7 +58,7 @@ func TestFileSharing(t *testing.T) {
 	os.RemoveAll("cwtch.out.png")
 	os.RemoveAll("cwtch.out.png.manifest")

-	log.SetLevel(log.LevelInfo)
+	log.SetLevel(log.LevelDebug)

 	os.Mkdir("tordir", 0700)
 	dataDir := path.Join("tordir", "tor")
@ -155,7 +155,7 @@ func TestFileSharing(t *testing.T) {
 		err := json.Unmarshal([]byte(messageWrapper.Data), &fileMessageOverlay)

 		if err == nil {
-			filesharingFunctionality.DownloadFile(bob, 1, "cwtch.out.png", "cwtch.out.png.manifest", fmt.Sprintf("%s.%s", fileMessageOverlay.Hash, fileMessageOverlay.Nonce))
+			filesharingFunctionality.DownloadFile(bob, 1, "cwtch.out.png", "cwtch.out.png.manifest", fmt.Sprintf("%s.%s", fileMessageOverlay.Hash, fileMessageOverlay.Nonce), constants.ImagePreviewMaxSizeInBytes)
 		}
 	}