AUR web interface

Tasklist

FS#29587 - Gracefully handle uploads exceeding upload_max_filesize

Attached to Project: AUR web interface
Opened by Dave Reisner (falconindy) - Tuesday, 24 April 2012, 03:06 GMT
Last edited by Lukas Fleischer (lfleischer) - Sunday, 04 November 2012, 11:45 GMT
Task Type Bug Report
Category Backend
Status Closed
Assigned To Lukas Fleischer (lfleischer)
Architecture All
Severity Low
Priority Normal
Reported Version 1.9.1
Due in Version 2.0.0
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

I was hunting down a fairly obnoxious bug in burp tonight and noticed that if you try to upload a file over 2MB in size, the AUR simply replies with the error "No file uploaded". This isn't helpful. According to [1], $_FILES['pfile']['error'] can be used to explcitly detect the failure rather than simply looking at the uploaded file size.

I've attached a trivial patch which accomplishes this.

[1] http://php.net/manual/en/features.file-upload.errors.php
   0001-pkgsubmit-catch-files-th... (0.9 KiB)
This task depends upon

Closed by  Lukas Fleischer (lfleischer)
Sunday, 04 November 2012, 11:45 GMT
Reason for closing:  Fixed
Additional comments about closing:  Fixed in 2.0.0.
Comment by canyonknight (canyonknight) - Thursday, 31 May 2012, 21:23 GMT
I ran into a problem with that same line of code, in my case I had a partially uploaded file cause problems. I came to a similar conclusion as Dave to use $_FILES['pfile']['error'] in making a patch. I've attached my patch for perusal if you want to see an alternative take.

Both of our patches work well for when upload_max_filesize is exceeded. One problem is there are really three different upload limits: upload_max_filesize, post_max_size, and memory_limit. memory_limit won't be exceeded in this case. The one that could be a problem with these patches is post_max_size. If post_max_size is exceeded, neither patch will print the error message even though the max size has been exceeded. The range the max size error message will be printed is from upload_max_filesize up to post_max_size.

What is post_max_size set to on the AUR server? If it is sizably different than upload_max_filesize, it doesn't really matter. If they are set to about the same value, the error message will essentially never be printed. It is possible to correct that, but it would likely be messier and not worth the time.
   0001-pkgsubmit.php-Improve-fi... (1.7 KiB)
Comment by Lukas Fleischer (lfleischer) - Sunday, 03 June 2012, 21:24 GMT
canyonknight: Looks good to me. Is that one in your working branch?
Comment by canyonknight (canyonknight) - Monday, 04 June 2012, 21:23 GMT
Lukas: That patch isn't currently on my working branch. It was made against the AUR master branch.
Comment by Lukas Fleischer (lfleischer) - Monday, 09 July 2012, 11:26 GMT
Fixed in b5ffdeb63e3df5c341f9ccdafcfbaa446c5670f4.

Loading...