From b71a15a6a09f0a562afebc3a3e286fdc568b3b37 Mon Sep 17 00:00:00 2001 From: Brian Gough Date: Thu, 1 Jun 2017 13:36:13 +0100 Subject: [PATCH 1/2] null byte check for JSON.stringify in archiving --- services/track-changes/app/coffee/MongoAWS.coffee | 3 +++ 1 file changed, 3 insertions(+) diff --git a/services/track-changes/app/coffee/MongoAWS.coffee b/services/track-changes/app/coffee/MongoAWS.coffee index 8a0a065317..7e56913a9d 100644 --- a/services/track-changes/app/coffee/MongoAWS.coffee +++ b/services/track-changes/app/coffee/MongoAWS.coffee @@ -46,6 +46,9 @@ module.exports = MongoAWS = return callback new Error("cannot find pack to send to s3") if not result? return callback new Error("refusing to send pack with TTL to s3") if result.expiresAt? uncompressedData = JSON.stringify(result) + if uncompressedData.indexOf("\u0000") != -1 + error = new Error("null bytes found in upload") + logger.error err: error, project_id: project_id, doc_id: doc_id, pack_id: pack_id, error.message zlib.gzip uncompressedData, (err, buf) -> logger.log {project_id, doc_id, pack_id, origSize: uncompressedData.length, newSize: buf.length}, "compressed pack" return callback(err) if err? From e8dfe3099fecac13e4f470316ba19040d716bf39 Mon Sep 17 00:00:00 2001 From: Brian Gough Date: Fri, 2 Jun 2017 14:13:33 +0100 Subject: [PATCH 2/2] add missing callback for null byte check --- services/track-changes/app/coffee/MongoAWS.coffee | 1 + 1 file changed, 1 insertion(+) diff --git a/services/track-changes/app/coffee/MongoAWS.coffee b/services/track-changes/app/coffee/MongoAWS.coffee index 7e56913a9d..4308763a7a 100644 --- a/services/track-changes/app/coffee/MongoAWS.coffee +++ b/services/track-changes/app/coffee/MongoAWS.coffee @@ -49,6 +49,7 @@ module.exports = MongoAWS = if uncompressedData.indexOf("\u0000") != -1 error = new Error("null bytes found in upload") logger.error err: error, project_id: project_id, doc_id: doc_id, pack_id: pack_id, error.message + return callback(error) zlib.gzip uncompressedData, (err, buf) -> logger.log {project_id, doc_id, pack_id, origSize: uncompressedData.length, newSize: buf.length}, "compressed pack" return callback(err) if err?