From abfa8684231c2426e5c8c0228b3f9fa41b62e713 Mon Sep 17 00:00:00 2001 From: BlackDex Date: Wed, 27 Jul 2022 17:12:04 +0200 Subject: [PATCH] Mitigate attachment/send upload issues This PR attends to mitigate (not fix) #2644. There seems to be an issue when uploading files either as attachment or via send via the mobile (Android) client. The binary data gets transfered correctly to Vaultwarden (Checked via Wireshark), but the data is not parsed correctly for some reason. Since the parsing is not done by Vaultwarden it self, i think we should at least try to prevent saving the data and letting users think all fine. Further investigation is needed to actually fix this issue. This is just a quick patch. --- src/api/core/ciphers.rs | 11 +++++++++++ src/api/core/sends.rs | 11 +++++++++++ 2 files changed, 22 insertions(+) diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs index 52919273..b491424e 100644 --- a/src/api/core/ciphers.rs +++ b/src/api/core/ciphers.rs @@ -947,6 +947,17 @@ async fn save_attachment( let mut data = data.into_inner(); + // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?) + // See: https://github.com/dani-garcia/vaultwarden/issues/2644 + // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now. + // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken. + if let TempFile::Buffered { + content: _, + } = &data.data + { + err!("Error reading attachment data. Please try an other client."); + } + if let Some(size_limit) = size_limit { if data.data.len() > size_limit { err!("Attachment storage limit exceeded with this file"); diff --git a/src/api/core/sends.rs b/src/api/core/sends.rs index ddf23392..4f3291dc 100644 --- a/src/api/core/sends.rs +++ b/src/api/core/sends.rs @@ -216,6 +216,17 @@ async fn post_send_file(data: Form>, headers: Headers, conn: DbCo err!("Send content is not a file"); } + // There seems to be a bug somewhere regarding uploading attachments using the Android Client (Maybe iOS too?) + // See: https://github.com/dani-garcia/vaultwarden/issues/2644 + // Since all other clients seem to match TempFile::File and not TempFile::Buffered lets catch this and return an error for now. + // We need to figure out how to solve this, but for now it's better to not accept these attachments since they will be broken. + if let TempFile::Buffered { + content: _, + } = &data + { + err!("Error reading send file data. Please try an other client."); + } + let size = data.len(); if size > size_limit { err!("Attachment storage limit exceeded with this file");