upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-03-29 13:53:55 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 32

Merge pull request #55316 from nextcloud/backport/55283/stable32

Browse source 
[stable32] fix(workflowenigne): stricter length header handling
This commit is contained in:
Joas Schilling 2025-10-07 16:26:26 +02:00 committed by GitHub
commit d3d2056d35
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 15 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
apps/workflowengine/lib/Check/FileSize.php
View file

@ -67,25 +67,35 @@ class FileSize implements ICheck {
}
/**
* @return string
* Gets the file size from HTTP headers.
*
* Checks 'OC-Total-Length' first; if unavailable and the method is POST or PUT,
* checks 'Content-Length'. Returns the size as int, float, or false if not found or invalid.
*
* @return int|float|false File size in bytes, or false if unavailable.
*/
protected function getFileSizeFromHeader() {
if ($this->size !== null) {
// Already have it cached?
return $this->size;
}
$size = $this->request->getHeader('OC-Total-Length');
if ($size === '') {
if (in_array($this->request->getMethod(), ['POST', 'PUT'])) {
// Try fallback for upload methods
$method = $this->request->getMethod();
if (in_array($method, ['POST', 'PUT'], true)) {
$size = $this->request->getHeader('Content-Length');
}
}
if ($size === '') {
$size = false;
if ($size !== '' && is_numeric($size)) {
$this->size = Util::numericToNumber($size);
} else {
// No valid size header found
$this->size = false;
}
$this->size = $size;
return $this->size;
}

14
build/psalm-baseline.xml
View file

@ -2748,20 +2748,6 @@
<code><![CDATA[null]]></code>
</NullArgument>
</file>
<file src="apps/workflowengine/lib/Check/FileSize.php">
<FalsableReturnStatement>
<code><![CDATA[$this->size]]></code>
</FalsableReturnStatement>
<InvalidPropertyAssignmentValue>
<code><![CDATA[$size]]></code>
</InvalidPropertyAssignmentValue>
<InvalidReturnStatement>
<code><![CDATA[$this->size]]></code>
</InvalidReturnStatement>
<InvalidReturnType>
<code><![CDATA[string]]></code>
</InvalidReturnType>
</file>
<file src="apps/workflowengine/lib/Check/RequestRemoteAddress.php">
<InvalidArgument>
<code><![CDATA[$decodedValue[1]]]></code>