mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-18 22:08:20 +01:00
Code Issues Projects Releases Wiki Activity

Merge branch 'MDL-81060-main-fix' of https://github.com/meirzamoodle/moodle

Browse Source
This commit is contained in:
Jake Dallimore 2024-04-09 10:13:25 +08:00
commit b34930bfe6
No known key found for this signature in database
2 changed files with 13 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
lib/filestorage/zip_packer.php
View File

@ -451,17 +451,6 @@ class zip_packer extends file_packer {
$done = 0;
}
// Get user remaining space.
$areamaxbytes = FILE_AREA_MAX_BYTES_UNLIMITED;
$context = context::instance_by_id($contextid);
if (!has_capability('moodle/user:ignoreuserquota', $context)) {
// Get current used space for this user (private files only).
$fileareainfo = file_get_file_area_info($contextid, 'user', 'private');
$usedspace = $fileareainfo['filesize_without_references'];
$areamaxbytes = (int) $CFG->userquota - $usedspace;
}
$totalsizebytes = 0;
foreach ($ziparch as $info) {
// Notify progress.
if ($progress) {
@ -472,8 +461,6 @@ class zip_packer extends file_packer {
$size = $info->size;
$name = $info->pathname;
$realfilesize = 0;
if ($name === '' or array_key_exists($name, $processed)) {
//probably filename collisions caused by filename cleaning/conversion
continue;
@ -500,18 +487,15 @@ class zip_packer extends file_packer {
continue;
}
$content = '';
$realfilesize = 0;
while (!feof($fz)) {
$content .= fread($fz, 262143);
$realfilesize = strlen($content); // Current file size.
$totalsizebytes = strlen($content);
if ($realfilesize > $size ||
($areamaxbytes != FILE_AREA_MAX_BYTES_UNLIMITED && $totalsizebytes > $areamaxbytes)) {
$processed[0] = 'cannotunzipquotaexceeded';
// Close and unset the stream and the content.
fclose($fz);
unset($content);
// Cancel all processes.
break(2);
// More was read than was expected, which indicates a malformed/malicious archive.
// Break and let the error handling below take care of the file clean up.
if ($realfilesize > $size) {
break;
}
}
fclose($fz);
@ -557,20 +541,16 @@ class zip_packer extends file_packer {
$processed[$name] = 'Can not read file from zip archive'; // TODO: localise
continue;
}
$realfilesize = 0;
while (!feof($fz)) {
$content = fread($fz, 262143);
$numofbytes = fwrite($fp, $content);
$realfilesize += $numofbytes; // Current file size.
$totalsizebytes += $numofbytes;
if ($realfilesize > $size ||
($areamaxbytes != FILE_AREA_MAX_BYTES_UNLIMITED && $totalsizebytes > $areamaxbytes)) {
$processed[0] = 'cannotunzipquotaexceeded';
// Close and remove the tmpfile.
fclose($fz);
fclose($fp);
unlink($tmpfile);
// Cancel all processes.
break(2);
// More was read than was expected, which indicates a malformed/malicious archive.
// Break and let the error handling below take care of the file clean up.
if ($realfilesize > $size) {
break;
}
}
fclose($fz);

6
repository/draftfiles_ajax.php
View File

@ -237,11 +237,7 @@ switch ($action) {
return $result !== true;
});
if (count($failed) > 0) {
if ($failed[0] == "cannotunzipquotaexceeded") {
$return->error = get_string($failed[0], 'repository');
} else {
$return->error = get_string('cannotunzipextractfileerror', 'repository');
}
$return->error = get_string('cannotunzipextractfileerror', 'repository');
die(json_encode($return));
}