Browse Source
Restrict the length attachment filenames on disk (#24186).
git-svn-id: http://svn.redmine.org/redmine/trunk@16083 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/3.4.0
Jean-Philippe Lang
7 years ago
2 changed files with 14 additions and 1 deletions
+ 1
- 1
app/models/attachment.rb
View File
| @@ -413,7 +413,7 @@ class Attachment < ActiveRecord::Base | |||
| def self.disk_filename(filename, directory=nil) | |||
| timestamp = DateTime.now.strftime("%y%m%d%H%M%S") | |||
| ascii = '' | |||
| if filename =~ %r{^[a-zA-Z0-9_\.\-]*$} | |||
| if filename =~ %r{^[a-zA-Z0-9_\.\-]*$} && filename.length <= 50 | |||
| ascii = filename | |||
| else | |||
| ascii = Digest::MD5.hexdigest(filename) | |||
+ 13
- 0
test/unit/attachment_test.rb
View File
| @@ -81,6 +81,19 @@ class AttachmentTest < ActiveSupport::TestCase | |||
| assert_nil a.content_type | |||
| end | |||
| def test_shorted_filename_if_too_long | |||
| file = uploaded_test_file("testfile.txt", "text/plain") | |||
| file.instance_variable_set('@original_filename', "#{'a'*251}.txt") | |||
| assert 255, file.original_filename.length | |||
| a = Attachment.new(:container => Issue.find(1), | |||
| :file => file, | |||
| :author => User.find(1)) | |||
| assert a.save | |||
| a.reload | |||
| assert_equal 12 + 1 + 32 + 4, a.disk_filename.length | |||
| end | |||
| def test_copy_should_preserve_attributes | |||
| a = Attachment.find(1) | |||
| copy = a.copy | |||
Loading…