Protect against zip bombs; closes pterodactyl/panel#883

2020-09-17 20:37:34 -07:00 · 2020-09-17 20:37:34 -07:00 · 6ba49df485
commit 6ba49df485
parent 6b25ac3665
2 changed files with 8 additions and 3 deletions
--- a/server/filesystem.go
+++ b/server/filesystem.go
@ -29,6 +29,8 @@ import (
 // Error returned when there is a bad path provided to one of the FS calls.
 type PathResolutionError struct{}

+var ErrNotEnoughDiskSpace = errors.New("not enough disk space is available to perform this operation")
+
 // Returns the error response in a string form that can be more easily consumed.
 func (pre PathResolutionError) Error() string {
 	return "invalid path resolution"
--- a/server/filesystem_unarchive.go
+++ b/server/filesystem_unarchive.go
@ -32,14 +32,17 @@ func (fs *Filesystem) SpaceAvailableForDecompression(dir string, file string) (b
 	dirSize, err := fs.DiskUsage(false)

 	var size int64
+	var max = fs.Server.DiskSpace() * 1000.0 * 1000.0
 	// Walk over the archive and figure out just how large the final output would be from unarchiving it.
-	archiver.Walk(source, func(f archiver.File) error {
-		atomic.AddInt64(&size, f.Size())
+	err = archiver.Walk(source, func(f archiver.File) error {
+		if atomic.AddInt64(&size, f.Size()) + dirSize > max {
+			return errors.WithStack(ErrNotEnoughDiskSpace)
+		}

 		return nil
 	})

-	return ((dirSize + size) / 1000.0 / 1000.0) <= fs.Server.DiskSpace(), errors.WithStack(err)
+	return err == nil, errors.WithStack(err)
 }

 // Decompress a file in a given directory by using the archiver tool to infer the file