diff options
| author | Joas Schilling <coding@schilljs.com> | 2016-10-19 11:43:53 +0200 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2016-10-19 11:43:53 +0200 |
| commit | a13ec4d48843d3be9da86fc2098fc3fd65319f67 (patch) | |
| tree | 3b98427afb542fb439ff091f0729c570ba18f24d | |
| parent | 55f5f5061d3b63b3155d79f385f1b4693e60cb2a (diff) | |
| download | nextcloud-server-a13ec4d48843d3be9da86fc2098fc3fd65319f67.tar.gz nextcloud-server-a13ec4d48843d3be9da86fc2098fc3fd65319f67.zip | |
Make sure we only use numbers as length
Signed-off-by: Joas Schilling <coding@schilljs.com>
| -rw-r--r-- | apps/dav/lib/connector/sabre/quotaplugin.php | 5 | ||||
| -rw-r--r-- | apps/dav/tests/unit/connector/sabre/quotaplugin.php | 6 |
2 files changed, 9 insertions, 2 deletions
diff --git a/apps/dav/lib/connector/sabre/quotaplugin.php b/apps/dav/lib/connector/sabre/quotaplugin.php index 0682fca94ea..484bb5129e8 100644 --- a/apps/dav/lib/connector/sabre/quotaplugin.php +++ b/apps/dav/lib/connector/sabre/quotaplugin.php @@ -120,12 +120,13 @@ class QuotaPlugin extends \Sabre\DAV\ServerPlugin { public function getLength() { $req = $this->server->httpRequest; $length = $req->getHeader('X-Expected-Entity-Length'); - if (!$length) { + if (!is_numeric($length)) { $length = $req->getHeader('Content-Length'); + $length = is_numeric($length) ? $length : null; } $ocLength = $req->getHeader('OC-Total-Length'); - if ($length && $ocLength) { + if (is_numeric($length) && is_numeric($ocLength)) { return max($length, $ocLength); } diff --git a/apps/dav/tests/unit/connector/sabre/quotaplugin.php b/apps/dav/tests/unit/connector/sabre/quotaplugin.php index 73a33331702..ef8598d914b 100644 --- a/apps/dav/tests/unit/connector/sabre/quotaplugin.php +++ b/apps/dav/tests/unit/connector/sabre/quotaplugin.php @@ -130,6 +130,12 @@ class QuotaPlugin extends \Test\TestCase { array(512, array('CONTENT-LENGTH' => '512')), array(2048, array('OC-TOTAL-LENGTH' => '2048', 'CONTENT-LENGTH' => '1024')), array(4096, array('OC-TOTAL-LENGTH' => '2048', 'X-EXPECTED-ENTITY-LENGTH' => '4096')), + [null, ['X-EXPECTED-ENTITY-LENGTH' => 'A']], + [null, ['CONTENT-LENGTH' => 'A']], + [1024, ['OC-TOTAL-LENGTH' => 'A', 'CONTENT-LENGTH' => '1024']], + [1024, ['OC-TOTAL-LENGTH' => 'A', 'X-EXPECTED-ENTITY-LENGTH' => '1024']], + [null, ['OC-TOTAL-LENGTH' => '2048', 'X-EXPECTED-ENTITY-LENGTH' => 'A']], + [null, ['OC-TOTAL-LENGTH' => '2048', 'CONTENT-LENGTH' => 'A']], ); } |