From f1e3314bb790de9f372b47f3bc5af0f2e85b3710 Mon Sep 17 00:00:00 2001
From: Mikael Nordfeldth <mmn@hethane.se>
Date: Fri, 24 Jun 2016 15:47:02 +0200
Subject: [PATCH] StoreRemoteMedia avoids too large files

---
 .../StoreRemoteMediaPlugin.php                | 34 +++++++++++++++----
 1 file changed, 28 insertions(+), 6 deletions(-)

diff --git a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php
index f38ca4713e..c9964869a4 100644
--- a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php
+++ b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php
@@ -77,22 +77,44 @@ class StoreRemoteMediaPlugin extends Plugin
             return true;
         }
 
-        if (!$this->checkWhiteList($file->getUrl()) ||
-            !$this->checkBlackList($file->getUrl())) {
+        $remoteUrl = $file->getUrl();
+
+        if (!$this->checkWhiteList($remoteUrl) ||
+            !$this->checkBlackList($remoteUrl)) {
 		    return true;
         }
 
-        // First we download the file to memory and test whether it's actually an image file
-        common_debug(sprintf('Downloading remote file id==%u with URL: %s', $file->getID(), _ve($file->getUrl())));
         try {
-            $imgData = HTTPClient::quickGet($file->getUrl());
+            $http = new HTTPClient();
+            common_debug(sprintf('Performing HEAD request for remote file id==%u to avoid unnecessarily downloading too large files. URL: %s', $file->getID(), $remoteUrl));
+            $head = $http->head($remoteUrl);
+            $headers = $head->getHeader();
+            if (!isset($headers['content-length'])) {
+                // file size not specified on remote server
+                common_debug(sprintf('%s: Ignoring remote media because we did not get a content length for file id==%u', __CLASS__, $file->getID()));
+                return true;
+            } elseif (intval($headers['content-length']) > common_config('attachments', 'file_quota')) {
+                // file too big
+                common_debug(sprintf('%s: Skipping remote media because content length (%u) is larger than file_quota (%u) for file id==%u', __CLASS__, intval($headers['content-length']), common_config('attachments', 'file_quota'), $file->getID()));
+                return true;
+            }
+
+            $remoteUrl = $head->effectiveUrl;   // to avoid going through redirects again
+            if (!$this->checkBlackList($remoteUrl)) {
+                common_log(LOG_WARN, sprintf('%s: Non-blacklisted URL %s redirected to blacklisted URL %s', __CLASS__, $file->getUrl(), $remoteUrl));
+                return true;
+            }
+
+            // Then we download the file to memory and test whether it's actually an image file
+            common_debug(sprintf('Downloading remote file id==%u with effective URL: %s', $file->getID(), _ve($remoteUrl)));
+            $imgData = $http->get($remoteUrl);
         } catch (HTTP_Request2_ConnectionException $e) {
             common_log(LOG_ERR, __CLASS__.': quickGet on URL: '._ve($file->getUrl()).' threw exception: '.$e->getMessage());
             return true;
         }
         $info = @getimagesizefromstring($imgData);
         if ($info === false) {
-            throw new UnsupportedMediaException(_('Remote file format was not identified as an image.'), $file->getUrl());
+            throw new UnsupportedMediaException(_('Remote file format was not identified as an image.'), $remoteUrl);
         } elseif (!$info[0] || !$info[1]) {
             throw new UnsupportedMediaException(_('Image file had impossible geometry (0 width or height)'));
         }