aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/files.php
diff options
context:
space:
mode:
authorRobin McCorkell <rmccorkell@karoshi.org.uk>2015-03-27 23:43:35 +0000
committerRobin McCorkell <rmccorkell@karoshi.org.uk>2015-03-27 23:43:35 +0000
commitab991458ada0ca5b2dae31a04b068711e533abc3 (patch)
treeb757c6d688b8c7016273cdc7b6fcf73c17714d67 /lib/private/files.php
parentd55b88c043adcd40c51999a26b47d39cc8e1a183 (diff)
downloadnextcloud-server-ab991458ada0ca5b2dae31a04b068711e533abc3.tar.gz
nextcloud-server-ab991458ada0ca5b2dae31a04b068711e533abc3.zip
Require minimum 1 MiB upload limit
Diffstat (limited to 'lib/private/files.php')
-rw-r--r--lib/private/files.php10
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/private/files.php b/lib/private/files.php
index e93b98a1891..0f48dca9715 100644
--- a/lib/private/files.php
+++ b/lib/private/files.php
@@ -52,6 +52,8 @@ class OC_Files {
const ZIP_FILES = 2;
const ZIP_DIR = 3;
+ const UPLOAD_MIN_LIMIT_BYTES = 1048576; // 1 MiB
+
/**
* @param string $filename
* @param string $name
@@ -246,15 +248,17 @@ class OC_Files {
* @return bool false on failure, size on success
*/
static function setUploadLimit($size) {
- //don't allow user to break his config -- upper boundary
+ //don't allow user to break his config
if ($size > PHP_INT_MAX) {
//max size is always 1 byte lower than computerFileSize returns
if ($size > PHP_INT_MAX + 1)
return false;
$size -= 1;
- } else {
- $size = OC_Helper::phpFileSize($size);
}
+ if ($size < self::UPLOAD_MIN_LIMIT_BYTES) {
+ return false;
+ }
+ $size = OC_Helper::phpFileSize($size);
//don't allow user to break his config -- broken or malicious size input
if (intval($size) === 0) {