Merge pull request #83 from drduh/20dec25

sanitize filename and expiry inputs

Author: drduh

handlers/clear.go

@@ -13,10 +13,8 @@ func Clear(app *config.App) http.HandlerFunc {
 		if req == nil {
 			return
 		}
-
 		app.ClearStorage()
 		app.Log.Info("storage cleared", "user", req)
-
 		toRoot(w, r, app.Root)
 	}
 }

handlers/download.go

@@ -14,18 +14,18 @@ func Download(app *config.App) http.HandlerFunc {
 			return
 		}
 
-		fileName := getRequestParameter(r, len(app.Download), "name")
-		if fileName == "" {
+		filename := getRequestParameter(r, len(app.Download), "name")
+		if filename == "" {
 			writeJSON(w, http.StatusNotFound, errorJSON(app.NoFilename))
 			app.Log.Error(app.NoFilename, "user", req)
 			return
 		}
-		app.Log.Debug("file requested", "filename", fileName, "user", req)
+		app.Log.Debug("file requested", "filename", filename, "user", req)
 
-		file := app.FindFile(fileName)
+		file := app.FindFile(filename)
 		if file == nil {
 			writeJSON(w, http.StatusNotFound, errorJSON(app.NotFound))
-			app.Log.Error(app.NotFound, "filename", fileName, "user", req)
+			app.Log.Error(app.NotFound, "filename", filename, "user", req)
 			return
 		}
 

handlers/form.go

@@ -3,25 +3,43 @@ package handlers
 import (
 	"net/http"
 	"strconv"
+	"strings"
 	"time"
+
+	"github.com/drduh/gone/settings"
 )
 
 // parseFormInt reads an integer form value or returns the default.
-func parseFormInt(r *http.Request, field string, def int) int {
+func parseFormInt(r *http.Request, field string, def, maximum int) int {
 	input := r.FormValue(field)
 	if input != "" {
+		input = strings.TrimSpace(input)
 		if v, err := strconv.Atoi(input); err == nil {
+			if v <= 0 {
+				return def
+			}
+			if v > maximum {
+				return maximum
+			}
 			return v
 		}
 	}
 	return def
 }
 
 // parseFormDuration reads a duration form value or returns the default.
-func parseFormDuration(r *http.Request, field string, def time.Duration) time.Duration {
+func parseFormDuration(r *http.Request, field string,
+	def time.Duration, maximum settings.Duration) time.Duration {
 	input := r.FormValue(field)
 	if input != "" {
+		input = strings.TrimSpace(input)
 		if d, err := time.ParseDuration(input); err == nil {
+			if d < time.Second {
+				return def
+			}
+			if d > maximum.GetDuration() {
+				return maximum.GetDuration()
+			}
 			return d
 		}
 	}

handlers/form_test.go

@@ -4,20 +4,40 @@ import (
 	"net/http"
 	"testing"
 	"time"
+
+	"github.com/drduh/gone/settings"
 )
 
 // TestParseFormInt tests integer form values are parsed.
 func TestParseFormInt(t *testing.T) {
+	def := 1
+	maximum := 100
 	tests := []struct {
-		name  string
-		query string
-		field string
-		def   int
-		want  int
+		name    string
+		query   string
+		field   string
+		def     int
+		want    int
+		maximum int
 	}{
-		{"valid", "/?downloads=5", "downloads", 10, 5},
-		{"missing", "/", "downloads", 10, 10},
-		{"invalid", "/?downloads=none", "downloads", 10, 10},
+		{"valid", "/?downloads=5", "downloads",
+			def, 5, maximum},
+		{"space", "/?downloads= 5  ", "downloads",
+			def, 5, maximum},
+		{"missing", "/", "downloads",
+			def, 1, maximum},
+		{"invalid", "/?downloads=none", "downloads",
+			def, 1, maximum},
+		{"zero", "/?downloads=0", "downloads",
+			def, def, maximum},
+		{"negative", "/?downloads=-1", "downloads",
+			def, def, maximum},
+		{"fraction", "/?downloads=3.5", "downloads",
+			def, def, maximum},
+		{"large", "/?downloads=101", "downloads",
+			def, maximum, maximum},
+		{"xlarge", "/?downloads=999999999999999999999",
+			"downloads", def, def, maximum}, // overflows int64
 	}
 	for _, tc := range tests {
 		tc := tc
@@ -27,7 +47,7 @@ func TestParseFormInt(t *testing.T) {
 			if err != nil {
 				t.Fatal(err)
 			}
-			got := parseFormInt(req, tc.field, tc.def)
+			got := parseFormInt(req, tc.field, tc.def, tc.maximum)
 			if got != tc.want {
 				t.Fatalf("parseFormInt(%q) = %d; want %d",
 					tc.query, got, tc.want)
@@ -38,21 +58,34 @@ func TestParseFormInt(t *testing.T) {
 
 // TestParseFormDuration tests duration form values are parsed.
 func TestParseFormDuration(t *testing.T) {
+	def := 1 * time.Hour
+	maximum := 8 * 24 * time.Hour
 	tests := []struct {
-		name  string
-		query string
-		field string
-		def   time.Duration
-		want  time.Duration
+		name    string
+		query   string
+		field   string
+		def     time.Duration
+		want    time.Duration
+		maximum time.Duration
 	}{
 		{"valid", "/?duration=1h30m", "duration",
-			2 * time.Hour, 90 * time.Minute},
+			def, 90 * time.Minute, maximum},
+		{"space", "/?duration= 15m ", "duration",
+			def, 15 * time.Minute, maximum},
 		{"missing", "/", "duration",
-			2 * time.Hour, 2 * time.Hour},
+			def, def, maximum},
 		{"invalid", "/?duration=none", "duration",
-			2 * time.Hour, 2 * time.Hour},
-		{"seconds", "/?duration=123s", "duration",
-			2 * time.Hour, 2*time.Minute + 3*time.Second},
+			def, def, maximum},
+		{"zero", "/?duration=0s", "duration",
+			def, def, maximum},
+		{"negative", "/?duration=-1h", "duration",
+			def, def, maximum},
+		{"fraction", "/?duration=1.5h", "duration",
+			def, 90 * time.Minute, maximum},
+		{"large", "/?duration=9999h", "duration",
+			def, maximum, maximum},
+		{"xlarge", "/?duration=99999999999h", "duration",
+			def, def, maximum}, // overflows int64
 	}
 	for _, tc := range tests {
 		tc := tc
@@ -62,7 +95,8 @@ func TestParseFormDuration(t *testing.T) {
 			if err != nil {
 				t.Fatal(err)
 			}
-			got := parseFormDuration(req, tc.field, tc.def)
+			got := parseFormDuration(req, tc.field, tc.def,
+				settings.Duration{Duration: tc.maximum})
 			if got != tc.want {
 				t.Fatalf("parseFormDuration(%q) = %v; want %v",
 					tc.query, got, tc.want)

handlers/index.go

@@ -8,42 +8,39 @@ import (
 	"github.com/drduh/gone/templates"
 )
 
-// Index handles requests for the main index page
-// with all available application features.
+const templateData = "data/*.tmpl"
+
+// Index handles requests to load and render the index page.
 func Index(app *config.App) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		req := authRequest(w, r, app)
 		if req == nil {
 			return
 		}
-
 		app.Log.Info("serving index", "user", req)
 
 		theme := getDefaultTheme(app.Style.Theme)
-		app.Log.Debug("got theme", "default", theme)
 		if app.Style.AllowPick {
 			theme = getTheme(w, r, theme,
 				app.Cookie.Id,
 				app.Cookie.Time.GetDuration(),
 				app.Style.Available)
-			app.Log.Debug("got theme", "selected", theme)
 		}
 
-		tmpl, err := template.New("index").ParseFS(templates.All, "data/*.tmpl")
+		tmpl, err := template.New("index").ParseFS(templates.All, templateData)
 		if err != nil {
 			writeJSON(w, http.StatusInternalServerError, errorJSON(app.TmplParse))
 			app.Log.Error(app.TmplParse, "error", err.Error(), "user", req)
 			return
 		}
 
 		app.UpdateTimeRemaining()
-
 		response := templates.Index{
 			Auth:            app.Auth,
+			Default:         app.Default,
 			DefaultDuration: app.Expiration.String(),
 			Hostname:        app.Hostname,
 			Index:           app.Index,
-			Default:         app.Default,
 			Limit:           app.Limit,
 			NoFiles:         app.NoFiles,
 			Paths:           app.Paths,

handlers/list.go

@@ -4,7 +4,6 @@ import (
 	"net/http"
 
 	"github.com/drduh/gone/config"
-	"github.com/drduh/gone/storage"
 )
 
 // List handles requests to list Files in Storage.
@@ -15,49 +14,9 @@ func List(app *config.App) http.HandlerFunc {
 			return
 		}
 		app.UpdateTimeRemaining()
-		files := getFiles(app)
+		files := app.ListFiles()
 		app.Log.Info("serving file list",
 			"files", len(files), "user", req)
 		writeJSON(w, http.StatusOK, files)
 	}
 }
-
-// getFiles returns a list of non-expired Files in Storage,
-// and removes expired Files.
-func getFiles(app *config.App) []storage.File {
-	files := make([]storage.File, 0, len(app.Files))
-	for _, file := range app.Files {
-		reason := file.IsExpired()
-		if reason != "" {
-			app.Expire(file)
-			app.Log.Info("removed file", "reason", reason,
-				"id", file.Id, "name", file.Name,
-				"downloads", file.Total)
-			break
-		}
-
-		f := storage.File{
-			Id:   file.Id,
-			Name: file.Name,
-			Size: file.Size,
-			Sum:  file.Sum,
-			Type: file.Type,
-			Owner: storage.Owner{
-				Agent: file.Agent,
-				Mask:  file.Mask,
-			},
-			Time: storage.Time{
-				Remain: file.Time.Remain,
-				Upload: file.Upload,
-			},
-			Downloads: storage.Downloads{
-				Allow:  file.Downloads.Allow,
-				Remain: file.NumRemaining(),
-				Total:  file.Total,
-			},
-		}
-		files = append(files, f)
-	}
-
-	return files
-}

handlers/random.go

@@ -7,7 +7,7 @@ import (
 	"github.com/drduh/gone/util"
 )
 
-// Random serves a random string of specified type.
+// Random handles requests to generate a random string.
 func Random(app *config.App) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		req := authRequest(w, r, app)

handlers/upload.go

@@ -37,11 +37,11 @@ func Upload(app *config.App) http.HandlerFunc {
 		}
 
 		downloadLimit := parseFormInt(r,
-			formFieldDownloads, app.Downloads)
+			formFieldDownloads, app.Downloads, app.MaxDownloads)
 		app.Log.Debug("got form value", formFieldDownloads, downloadLimit)
 
 		durationLimit := parseFormDuration(r,
-			formFieldDuration, app.Expiration.Duration)
+			formFieldDuration, app.Expiration.Duration, app.MaxDuration)
 		app.Log.Debug("got form value", formFieldDuration, durationLimit)
 
 		var upload storage.File
@@ -77,8 +77,10 @@ func Upload(app *config.App) http.HandlerFunc {
 					return
 				}
 
+				filename := storage.SanitizeName(fileHeader.Filename,
+					app.MaxSizeName, app.FilenameExtraChars)
 				f := &storage.File{
-					Name: fileHeader.Filename,
+					Name: filename,
 					Data: buf.Bytes(),
 					Owner: storage.Owner{
 						Address: req.Address,

settings/config.go

@@ -185,9 +185,21 @@ type Default struct {
 // Content represents limits on content sharing.
 type Limit struct {
 
+	// Extra characters allowed in file names
+	FilenameExtraChars string `json:"filenameChars,omitempty"`
+
+	// Maximum number of allowed downloads
+	MaxDownloads int `json:"maxDownloads,omitempty"`
+
+	// Maximum expiration duration
+	MaxDuration Duration `json:"maxDuration,omitempty"`
+
 	// Maximum text message size
 	MaxSizeMsg int `json:"maxSizeMsg,omitempty"`
 
+	// Maximum file name length
+	MaxSizeName int `json:"maxSizeName,omitempty"`
+
 	// Maximum wall content size
 	MaxSizeWall int `json:"maxSizeWall,omitempty"`
 

settings/defaultSettings.json

@@ -73,11 +73,15 @@
     }
   },
   "limit": {
+    "expiryTicker":  "30s",
+    "filenameChars": "_.-",
+    "maxDownloads":  100,
+    "maxDuration":   "192h",
     "maxSizeMsg":    128,
+    "maxSizeName":   64,
     "maxSizeWall":   1280,
     "maxSizeFileMb": 256,
-    "reqsPerMinute": 30,
-    "expiryTicker":  "30s"
+    "reqsPerMinute": 30
   },
   "paths": {
     "assets":      "/assets/",