Protect against zip bombs; closes pterodactyl/panel#883

server/filesystem.go

@@ -29,6 +29,8 @@ import (
 // Error returned when there is a bad path provided to one of the FS calls.
 type PathResolutionError struct{}
 
+var ErrNotEnoughDiskSpace = errors.New("not enough disk space is available to perform this operation")
+
 // Returns the error response in a string form that can be more easily consumed.
 func (pre PathResolutionError) Error() string {
 	return "invalid path resolution"

server/filesystem_unarchive.go

@@ -32,14 +32,17 @@ func (fs *Filesystem) SpaceAvailableForDecompression(dir string, file string) (b
 	dirSize, err := fs.DiskUsage(false)
 
 	var size int64
+	var max = fs.Server.DiskSpace() * 1000.0 * 1000.0
 	// Walk over the archive and figure out just how large the final output would be from unarchiving it.
-	archiver.Walk(source, func(f archiver.File) error {
+	err = archiver.Walk(source, func(f archiver.File) error {
-		atomic.AddInt64(&size, f.Size())
+		if atomic.AddInt64(&size, f.Size()) + dirSize > max {
+			return errors.WithStack(ErrNotEnoughDiskSpace)
+		}
 
 		return nil
 	})
 
-	return ((dirSize + size) / 1000.0 / 1000.0) <= fs.Server.DiskSpace(), errors.WithStack(err)
+	return err == nil, errors.WithStack(err)
 }
 
 // Decompress a file in a given directory by using the archiver tool to infer the file