extern/audiobookshelf
1
0
Fork 0
mirror of https://github.com/advplyr/audiobookshelf.git synced 2024-12-29 01:58:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1994 from NiclasHaderer/fix-backup-server-crash

Browse Source 
Fix: server crash when uploading invalid backup file
This commit is contained in:
advplyr 2023-08-07 17:17:57 -05:00 committed by GitHub
commit fbb5fd41fb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -15,3 +15,4 @@ test/
sw.*
.DS_STORE
.idea/*

15
server/managers/BackupManager.js
View File

@ -8,6 +8,7 @@ const cron = require('../libs/nodeCron')
const fs = require('../libs/fsExtra')
const archiver = require('../libs/archiver')
const StreamZip = require('../libs/nodeStreamZip')
const fileUtils = require('../utils/fileUtils')
// Utils
const { getFileSize } = require('../utils/fileUtils')
@ -82,7 +83,7 @@ class BackupManager {
return res.status(500).send('Invalid backup file')
}
const tempPath = Path.join(this.BackupPath, backupFile.name)
const tempPath = Path.join(this.BackupPath, fileUtils.sanitizeFilename(backupFile.name))
const success = await backupFile.mv(tempPath).then(() => true).catch((error) => {
Logger.error('[BackupManager] Failed to move backup file', path, error)
return false
@ -92,8 +93,14 @@ class BackupManager {
}
const zip = new StreamZip.async({ file: tempPath })
const entries = await zip.entries()
let entries
try {
entries = await zip.entries()
} catch(error){
// Not a valid zip file
Logger.error('[BackupManager] Failed to read backup file - backup might not be a valid .zip file', tempPath, error)
return res.status(400).send('Failed to read backup file - backup might not be a valid .zip file')
}
if (!Object.keys(entries).includes('absdatabase.sqlite')) {
Logger.error(`[BackupManager] Invalid backup with no absdatabase.sqlite file - might be a backup created on an old Audiobookshelf server.`)
return res.status(500).send('Invalid backup with no absdatabase.sqlite file - might be a backup created on an old Audiobookshelf server.')
@ -267,7 +274,7 @@ class BackupManager {
/**
* @see https://github.com/TryGhost/node-sqlite3/pull/1116
* @param {Backup} backup
* @param {Backup} backup
* @promise
*/
backupSqliteDb(backup) {