From d19565756add78e246f193b4cffd104836b87fb4 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 6 Apr 2010 15:30:54 +0200 Subject: [PATCH 1/2] [feature/remote_upload-filesize] When transferring files from a remote webserver, abort the transfer as soon as the allowed filesize has been exceeded. PHPBB3-9517 --- phpBB/includes/functions_upload.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index 054af29045..40872f0425 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -775,7 +775,18 @@ class fileupload { if ($get_info) { - $data .= @fread($fsock, 1024); + $block = @fread($fsock, 1024); + $filesize += strlen($block); + + if ($this->max_filesize && $filesize > $this->max_filesize) + { + $max_filesize = get_formatted_filesize($this->max_filesize, false); + + $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit'])); + return $file; + } + + $data .= $block; } else { From e4398ef42e8b50978f23cfb6c9145763ab0156ae Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Tue, 6 Apr 2010 15:34:05 +0200 Subject: [PATCH 2/2] [feature/remote_upload-filesize] Also check HTTP content-length before actually starting the file transfer. PHPBB3-9517 --- phpBB/includes/functions_upload.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/phpBB/includes/functions_upload.php b/phpBB/includes/functions_upload.php index 40872f0425..51fed45ebd 100644 --- a/phpBB/includes/functions_upload.php +++ b/phpBB/includes/functions_upload.php @@ -802,6 +802,18 @@ class fileupload { $upload_ary['type'] = rtrim(str_replace('content-type: ', '', strtolower($line))); } + else if ($this->max_filesize && stripos($line, 'content-length: ') !== false) + { + $length = (int) str_replace('content-length: ', '', strtolower($line)); + + if ($length && $length > $this->max_filesize) + { + $max_filesize = get_formatted_filesize($this->max_filesize, false); + + $file = new fileerror(sprintf($user->lang[$this->error_prefix . 'WRONG_FILESIZE'], $max_filesize['value'], $max_filesize['unit'])); + return $file; + } + } else if (stripos($line, '404 not found') !== false) { $file = new fileerror($user->lang[$this->error_prefix . 'URL_NOT_FOUND']);