empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 00:45:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Consider an empty EULA pdf file the same as an invalid one, returning 400 Bad Request (#12542)

Browse Source
This commit is contained in:
Martin Angers 2023-06-28 08:19:42 -04:00 committed by GitHub
parent d050f7f1f7
commit e323a3d881
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
changes/bug-12403-fix-post-eula-status-code Normal file
View File

@ -0,0 +1 @@
* Fixed a bug where an empty file uploaded to `POST /api/latest/fleet/mdm/apple/setup/eula` resulted in a 500, now returns a 400 Bad Request.

4
pkg/file/pdf.go
View File

@ -16,7 +16,9 @@ var pdfMagic = []byte{0x25, 0x50, 0x44, 0x46}
func CheckPDF(pdf io.Reader) error {
buf := make([]byte, len(pdfMagic))
if _, err := io.ReadFull(pdf, buf); err != nil {
if errors.Is(err, io.ErrUnexpectedEOF) {
// ReadFull returns ErrUnexpectedEOF if it can't read enough bytes, or EOF
// if it cannot read a single byte.
if errors.Is(err, io.ErrUnexpectedEOF) || errors.Is(err, io.EOF) {
return ErrInvalidType
}
return fmt.Errorf("reading magic bytes: %w", err)

6
pkg/file/pdf_test.go
View File

@ -12,9 +12,13 @@ func TestCheckPDF(t *testing.T) {
in []byte
outErr string
}{
{[]byte{}, "reading magic bytes: EOF"},
{[]byte{}, ErrInvalidType.Error()},
{[]byte("--"), ErrInvalidType.Error()},
{[]byte("invalid"), ErrInvalidType.Error()},
{[]byte("%"), ErrInvalidType.Error()},
{[]byte("%P"), ErrInvalidType.Error()},
{[]byte("%PD"), ErrInvalidType.Error()},
{[]byte("%PDF"), ""},
{[]byte("%PDF-"), ""},
{[]byte("%PDF-1"), ""},
{[]byte("%PDF-2"), ""},

4
server/service/integration_mdm_test.go
View File

@ -3573,7 +3573,9 @@ func (s *integrationMDMTestSuite) TestEULA() {
s.DoJSON("GET", "/api/latest/fleet/mdm/apple/setup/eula/metadata", nil, http.StatusNotFound, &metadataResp)
// trying to upload a file that is not a PDF fails
s.uploadEULA(&fleet.MDMAppleEULA{Bytes: []byte("should-fail"), Name: "should-fail.pdf"}, http.StatusBadRequest, "")
s.uploadEULA(&fleet.MDMAppleEULA{Bytes: []byte("should-fail"), Name: "should-fail.pdf"}, http.StatusBadRequest, "invalid file type")
// trying to upload an empty file fails
s.uploadEULA(&fleet.MDMAppleEULA{Bytes: []byte{}, Name: "should-fail.pdf"}, http.StatusBadRequest, "invalid file type")
// admin is able to upload a new EULA
s.uploadEULA(&fleet.MDMAppleEULA{Bytes: pdfBytes, Name: pdfName}, http.StatusOK, "")