Fix send file length always zero (#1175)

* HttpStream must be read prior to knowing it length We also need to create the send prior to saving the stream so we have well defined save location. Solve chicken-and-egg problem by saving the Send twice. This also allows for validation that the stream received is the same length as that promissed by the content-length header * Get encrypted file length from request
2024-11-22 12:15:36 +01:00 · 2021-03-02 09:27:11 -06:00 · 2021-03-02 09:27:11 -06:00 · c2d34d7271
commit c2d34d7271
parent 8d5fc21b51
3 changed files with 16 additions and 2 deletions
--- a/src/Api/Controllers/SendsController.cs
+++ b/src/Api/Controllers/SendsController.cs
@ -160,7 +160,7 @@ namespace Bit.Api.Controllers
                var userId = _userService.GetProperUserId(User).Value;
                var (madeSend, madeData) = model.ToSend(userId, fileName, _sendService);
                send = madeSend;
-                await _sendService.CreateSendAsync(send, madeData, stream, Request.ContentLength.GetValueOrDefault(0));
+                await _sendService.CreateSendAsync(send, madeData, stream, model.FileLength.GetValueOrDefault(0));
            });

            return new SendResponseModel(send, _globalSettings);
--- a/src/Core/Models/Api/Request/SendRequestModel.cs
+++ b/src/Core/Models/Api/Request/SendRequestModel.cs
@ -13,6 +13,7 @@ namespace Bit.Core.Models.Api
    public class SendRequestModel
    {
        public SendType Type { get; set; }
+        public long? FileLength { get; set; }
        [EncryptedString]
        [EncryptedStringLength(1000)]
        public string Name { get; set; }
--- a/src/Core/Services/Implementations/SendService.cs
+++ b/src/Core/Services/Implementations/SendService.cs
@ -128,11 +128,24 @@ namespace Bit.Core.Services
            try
            {
                data.Id = fileId;
-                data.Size = stream.Length;
                send.Data = JsonConvert.SerializeObject(data,
                    new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore });
                await SaveSendAsync(send);
                await _sendFileStorageService.UploadNewFileAsync(stream, send, fileId);
+                // Need to save length of stream since that isn't available until it is read
+                if (stream.Length <= requestLength)
+                {
+                    data.Size = stream.Length;
+                    send.Data = JsonConvert.SerializeObject(data,
+                        new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore });
+                    await SaveSendAsync(send);
+                }
+                else
+                {
+                    await DeleteSendAsync(send);
+                    throw new BadRequestException("Content-Length header is smaller than file received.");
+                }
+
            }
            catch
            {