From 0f39d965188588ca7f44c24e18802e8b7ff05879 Mon Sep 17 00:00:00 2001
From: Mathijs van Veluw
Date: Sun, 28 Jan 2024 23:32:09 +0100
Subject: [PATCH 1/2] Fix attachment upload size check (#4282)

The min/max were reversed with the `add` and `sub` functions. This caused the files to always be out of bounds in the check.
Fixes #4281
---
 src/api/core/ciphers.rs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/api/core/ciphers.rs b/src/api/core/ciphers.rs
index 3aa4f9d7..b3dca3b6 100644
--- a/src/api/core/ciphers.rs
+++ b/src/api/core/ciphers.rs
@@ -1123,12 +1123,12 @@ async fn save_attachment(
 // the client. Upstream allows +/- 1 MiB deviation from this
 // size, but it's not clear when or why this is needed.
 const LEEWAY: i64 = 1024 * 1024; // 1 MiB
- let Some(min_size) = attachment.file_size.checked_add(LEEWAY) else {
- err!("Invalid attachment size min")
- };
- let Some(max_size) = attachment.file_size.checked_sub(LEEWAY) else {
+ let Some(max_size) = attachment.file_size.checked_add(LEEWAY) else {
 err!("Invalid attachment size max")
 };
+ let Some(min_size) = attachment.file_size.checked_sub(LEEWAY) else {
+ err!("Invalid attachment size min")
+ };
 if min_size <= size && size <= max_size {
 if size != attachment.file_size {
From 4b9384cb2bdc98d6805e91f73a0ed6ed8ddfbec3 Mon Sep 17 00:00:00 2001
From: Stefan Melmuk <509385+stefan0xC@users.noreply.github.com>
Date: Sun, 28 Jan 2024 23:36:27 +0100
Subject: [PATCH 2/2] err on invalid feature flag (#4263)

* err on invalid feature flag
* print all invalid flags and improve error message
---
 src/config.rs | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/config.rs b/src/config.rs
index e99518a7..2f0e9264 100644
--- a/src/config.rs
+++ b/src/config.rs
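Review bot: In save_attachment (src/api/core/ciphers.rs), `min_size` is now `attachment.file_size - LEEWAY`, which is negative for any declared size under 1 MiB, so the lower bound only constrains larger attachments, and nothing in the hunk shows `attachment.file_size` itself being checked as non-negative. The context comment suggests the declared size comes from the client; if it is not validated where the attachment record is created, a guard before the bounds are computed would close that gap, e.g. `if attachment.file_size < 0 { err!("Invalid attachment size") }`. Whether `size` can ever be negative is not visible here, so this is a request to confirm rather than a proven defect. The function body starts and ends outside the hunk.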
@@ -778,12 +778,15 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
 }
 }
+ // TODO: deal with deprecated flags so they can be removed from this list, cf. #4263
 const KNOWN_FLAGS: &[&str] = &["autofill-overlay", "autofill-v2", "browser-fileless-import", "fido2-vault-credentials"];
- for flag in parse_experimental_client_feature_flags(&cfg.experimental_client_feature_flags).keys() {
- if !KNOWN_FLAGS.contains(&flag.as_str()) {
- warn!("The experimental client feature flag {flag:?} is unrecognized. Please ensure the feature flag is spelled correctly and that it is supported in this version.");
- }
+ let configured_flags = parse_experimental_client_feature_flags(&cfg.experimental_client_feature_flags);
+ let invalid_flags: Vec<_> = configured_flags.keys().filter(|flag| !KNOWN_FLAGS.contains(&flag.as_str())).collect();
+ if !invalid_flags.is_empty() {
+ err!(format!("Unrecognized experimental client feature flags: {invalid_flags:?}.\n\n\
+ Please ensure all feature flags are spelled correctly and that they are supported in this version.\n\
+ Supported flags: {KNOWN_FLAGS:?}"));
 }
 const MAX_FILESIZE_KB: i64 = i64::MAX >> 10;
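Review bot: In validate_config (src/config.rs), an unrecognized flag now makes the function return an error instead of logging a warning, so removing an entry from `KNOWN_FLAGS` in a later release will presumably reject every existing configuration that still sets it; the TODO points at this but does not state the consequence. I would spell that out next to the list, e.g. `// Removing a flag here makes validate_config fail for configs that still set it; keep deprecated flags listed until they are handled separately.` The error text interpolates the configured values with `{invalid_flags:?}`, which keeps them escaped in log output, so no change is needed there. validate_config starts and ends outside the hunk.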