Skip to content

Commit ec87de3

Browse files
kesselbkesselb
committed
Verify that destination is not a directory.
Otherwise file_put_contents will fail later. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
1 parent 09bb8ac commit ec87de3

File tree

2 files changed

+54
-5
lines changed

2 files changed

+54
-5
lines changed

apps/dav/lib/Upload/ChunkingPlugin.php

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,10 @@
2323

2424
namespace OCA\DAV\Upload;
2525

26+
use OCA\DAV\Connector\Sabre\Directory;
2627
use Sabre\DAV\Exception\BadRequest;
28+
use Sabre\DAV\Exception\NotFound;
29+
use Sabre\DAV\INode;
2730
use Sabre\DAV\Server;
2831
use Sabre\DAV\ServerPlugin;
2932

@@ -45,6 +48,9 @@ public function initialize(Server $server) {
4548
/**
4649
* @param string $sourcePath source path
4750
* @param string $destination destination path
51+
* @return bool|void
52+
* @throws BadRequest
53+
* @throws NotFound
4854
*/
4955
public function beforeMove($sourcePath, $destination) {
5056
$this->sourceNode = $this->server->tree->getNodeForPath($sourcePath);
@@ -53,6 +59,17 @@ public function beforeMove($sourcePath, $destination) {
5359
return;
5460
}
5561

62+
try {
63+
/** @var INode $destinationNode */
64+
$destinationNode = $this->server->tree->getNodeForPath($destination);
65+
} catch (NotFound $e) {
66+
$destinationNode = null;
67+
}
68+
69+
if ($destinationNode instanceof Directory) {
70+
throw new BadRequest("The given destination $destination is a directory.");
71+
}
72+
5673
$this->verifySize();
5774
return $this->performMove($sourcePath, $destination);
5875
}

apps/dav/tests/unit/Upload/ChunkingPluginTest.php

Lines changed: 37 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@
2727
use OCA\DAV\Connector\Sabre\Directory;
2828
use OCA\DAV\Upload\ChunkingPlugin;
2929
use OCA\DAV\Upload\FutureFile;
30+
use Sabre\DAV\Exception\NotFound;
3031
use Sabre\HTTP\RequestInterface;
3132
use Sabre\HTTP\ResponseInterface;
3233
use Test\TestCase;
@@ -77,7 +78,7 @@ protected function setUp(): void {
7778
public function testBeforeMoveFutureFileSkip() {
7879
$node = $this->createMock(Directory::class);
7980

80-
$this->tree->expects($this->any())
81+
$this->tree->expects($this->at(0))
8182
->method('getNodeForPath')
8283
->with('source')
8384
->willReturn($node);
@@ -87,16 +88,39 @@ public function testBeforeMoveFutureFileSkip() {
8788
$this->assertNull($this->plugin->beforeMove('source', 'target'));
8889
}
8990

91+
public function testBeforeMoveDestinationIsDirectory() {
92+
$this->expectException(\Sabre\DAV\Exception\BadRequest::class);
93+
$this->expectExceptionMessage('The given destination target is a directory.');
94+
95+
$sourceNode = $this->createMock(FutureFile::class);
96+
$targetNode = $this->createMock(Directory::class);
97+
98+
$this->tree->expects($this->at(0))
99+
->method('getNodeForPath')
100+
->with('source')
101+
->willReturn($sourceNode);
102+
$this->tree->expects($this->at(1))
103+
->method('getNodeForPath')
104+
->with('target')
105+
->willReturn($targetNode);
106+
107+
$this->assertNull($this->plugin->beforeMove('source', 'target'));
108+
}
109+
90110
public function testBeforeMoveFutureFileSkipNonExisting() {
91111
$sourceNode = $this->createMock(FutureFile::class);
92112
$sourceNode->expects($this->once())
93113
->method('getSize')
94114
->willReturn(4);
95115

96-
$this->tree->expects($this->any())
116+
$this->tree->expects($this->at(0))
97117
->method('getNodeForPath')
98118
->with('source')
99119
->willReturn($sourceNode);
120+
$this->tree->expects($this->at(1))
121+
->method('getNodeForPath')
122+
->with('target')
123+
->willThrowException(new NotFound());
100124
$this->tree->expects($this->any())
101125
->method('nodeExists')
102126
->with('target')
@@ -117,10 +141,14 @@ public function testBeforeMoveFutureFileMoveIt() {
117141
->method('getSize')
118142
->willReturn(4);
119143

120-
$this->tree->expects($this->any())
144+
$this->tree->expects($this->at(0))
121145
->method('getNodeForPath')
122146
->with('source')
123147
->willReturn($sourceNode);
148+
$this->tree->expects($this->at(1))
149+
->method('getNodeForPath')
150+
->with('target')
151+
->willThrowException(new NotFound());
124152
$this->tree->expects($this->any())
125153
->method('nodeExists')
126154
->with('target')
@@ -143,7 +171,7 @@ public function testBeforeMoveFutureFileMoveIt() {
143171
$this->assertFalse($this->plugin->beforeMove('source', 'target'));
144172
}
145173

146-
174+
147175
public function testBeforeMoveSizeIsWrong() {
148176
$this->expectException(\Sabre\DAV\Exception\BadRequest::class);
149177
$this->expectExceptionMessage('Chunks on server do not sum up to 4 but to 3 bytes');
@@ -153,10 +181,14 @@ public function testBeforeMoveSizeIsWrong() {
153181
->method('getSize')
154182
->willReturn(3);
155183

156-
$this->tree->expects($this->any())
184+
$this->tree->expects($this->at(0))
157185
->method('getNodeForPath')
158186
->with('source')
159187
->willReturn($sourceNode);
188+
$this->tree->expects($this->at(1))
189+
->method('getNodeForPath')
190+
->with('target')
191+
->willThrowException(new NotFound());
160192
$this->request->expects($this->once())
161193
->method('getHeader')
162194
->with('OC-Total-Length')

0 commit comments

Comments
 (0)