Patch #25240 » 0001-changes-the-digest-used-for-attachments-to-SHA256.patch
| app/models/attachment.rb | ||
|---|---|---|
| 15 | 15 |
# along with this program; if not, write to the Free Software |
| 16 | 16 |
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 17 | 17 | |
| 18 |
require "digest/md5"
|
|
| 18 |
require "digest" |
|
| 19 | 19 |
require "fileutils" |
| 20 | 20 | |
| 21 | 21 |
class Attachment < ActiveRecord::Base |
| ... | ... | |
| 116 | 116 |
unless File.directory?(path) |
| 117 | 117 |
FileUtils.mkdir_p(path) |
| 118 | 118 |
end |
| 119 |
md5 = Digest::MD5.new
|
|
| 119 |
sha = Digest::SHA256.new
|
|
| 120 | 120 |
File.open(diskfile, "wb") do |f| |
| 121 | 121 |
if @temp_file.respond_to?(:read) |
| 122 | 122 |
buffer = "" |
| 123 | 123 |
while (buffer = @temp_file.read(8192)) |
| 124 | 124 |
f.write(buffer) |
| 125 |
md5.update(buffer)
|
|
| 125 |
sha.update(buffer)
|
|
| 126 | 126 |
end |
| 127 | 127 |
else |
| 128 | 128 |
f.write(@temp_file) |
| 129 |
md5.update(@temp_file)
|
|
| 129 |
sha.update(@temp_file)
|
|
| 130 | 130 |
end |
| 131 | 131 |
end |
| 132 |
self.digest = md5.hexdigest
|
|
| 132 |
self.digest = sha.hexdigest
|
|
| 133 | 133 |
end |
| 134 | 134 |
@temp_file = nil |
| 135 | 135 | |
| db/migrate/20170302015225_widen_attachments_digest.rb | ||
|---|---|---|
| 1 |
class WidenAttachmentsDigest < ActiveRecord::Migration |
|
| 2 |
def up |
|
| 3 |
change_column :attachments, :digest, :string, limit: 64 |
|
| 4 |
end |
|
| 5 |
def down |
|
| 6 |
change_column :attachments, :digest, :string, limit: 40 |
|
| 7 |
end |
|
| 8 |
end |
|
| test/unit/attachment_test.rb | ||
|---|---|---|
| 62 | 62 |
assert_equal 59, a.filesize |
| 63 | 63 |
assert_equal 'text/plain', a.content_type |
| 64 | 64 |
assert_equal 0, a.downloads |
| 65 |
assert_equal '1478adae0d4eb06d35897518540e25d6', a.digest
|
|
| 65 |
assert_equal '6bc2eb7e87cfbf9145065689aaa8b5f513089ca0af68e2dc41f9cc025473d106', a.digest
|
|
| 66 | 66 | |
| 67 | 67 |
assert a.disk_directory |
| 68 | 68 |
assert_match %r{\A\d{4}/\d{2}\z}, a.disk_directory
|
| ... | ... | |
| 188 | 188 |
assert_equal 59, a.filesize |
| 189 | 189 |
assert_equal 'text/plain', a.content_type |
| 190 | 190 |
assert_equal 0, a.downloads |
| 191 |
assert_equal '1478adae0d4eb06d35897518540e25d6', a.digest
|
|
| 191 |
assert_equal '6bc2eb7e87cfbf9145065689aaa8b5f513089ca0af68e2dc41f9cc025473d106', a.digest
|
|
| 192 | 192 |
diskfile = a.diskfile |
| 193 | 193 |
assert File.exist?(diskfile) |
| 194 | 194 |
assert_equal 59, File.size(a.diskfile) |
| test/unit/mail_handler_test.rb | ||
|---|---|---|
| 519 | 519 |
assert_equal 10790, attachment.filesize |
| 520 | 520 |
assert File.exist?(attachment.diskfile) |
| 521 | 521 |
assert_equal 10790, File.size(attachment.diskfile) |
| 522 |
assert_equal 'caaf384198bcbc9563ab5c058acd73cd', attachment.digest
|
|
| 522 |
assert_equal '4474dd534c36bdd212e2efc549507377c3e77147c9167b66dedcebfe9da8807f', attachment.digest
|
|
| 523 | 523 |
end |
| 524 | 524 | |
| 525 | 525 |
def test_thunderbird_with_attachment_ja |
| ... | ... | |
| 535 | 535 |
assert_equal 5, attachment.filesize |
| 536 | 536 |
assert File.exist?(attachment.diskfile) |
| 537 | 537 |
assert_equal 5, File.size(attachment.diskfile) |
| 538 |
assert_equal 'd8e8fca2dc0f896fd7cb4cb0031ba249', attachment.digest
|
|
| 538 |
assert_equal 'f2ca1bb6c7e907d06dafe4687e579fce76b37e4e93b7605022da52e6ccc26fd2', attachment.digest
|
|
| 539 | 539 |
end |
| 540 | 540 | |
| 541 | 541 |
def test_invalid_utf8 |
| ... | ... | |
| 561 | 561 |
assert_equal 5, attachment.filesize |
| 562 | 562 |
assert File.exist?(attachment.diskfile) |
| 563 | 563 |
assert_equal 5, File.size(attachment.diskfile) |
| 564 |
assert_equal 'd8e8fca2dc0f896fd7cb4cb0031ba249', attachment.digest
|
|
| 564 |
assert_equal 'f2ca1bb6c7e907d06dafe4687e579fce76b37e4e93b7605022da52e6ccc26fd2', attachment.digest
|
|
| 565 | 565 |
end |
| 566 | 566 | |
| 567 | 567 |
def test_thunderbird_with_attachment_latin1 |
| ... | ... | |
| 579 | 579 |
assert_equal 130, attachment.filesize |
| 580 | 580 |
assert File.exist?(attachment.diskfile) |
| 581 | 581 |
assert_equal 130, File.size(attachment.diskfile) |
| 582 |
assert_equal '4d80e667ac37dddfe05502530f152abb', attachment.digest
|
|
| 582 |
assert_equal '5635d67364de20432247e651dfe86fcb2265ad5e9750bd8bba7319a86363e738', attachment.digest
|
|
| 583 | 583 |
end |
| 584 | 584 | |
| 585 | 585 |
def test_gmail_with_attachment_latin1 |
| ... | ... | |
| 597 | 597 |
assert_equal 5, attachment.filesize |
| 598 | 598 |
assert File.exist?(attachment.diskfile) |
| 599 | 599 |
assert_equal 5, File.size(attachment.diskfile) |
| 600 |
assert_equal 'd8e8fca2dc0f896fd7cb4cb0031ba249', attachment.digest
|
|
| 600 |
assert_equal 'f2ca1bb6c7e907d06dafe4687e579fce76b37e4e93b7605022da52e6ccc26fd2', attachment.digest
|
|
| 601 | 601 |
end |
| 602 | 602 | |
| 603 | 603 |
def test_mail_with_attachment_latin2 |