Context Navigation

← Previous Ticket
Next Ticket →

#21033 closed Bug (fixed)

Uploaded file's name truncates to 255 not in all cases

Reported by:	homm	Owned by:	nobody
Component:	File uploads/storage	Version:	dev
Severity:	Normal	Keywords:
Cc:	bmispelon@…	Triage Stage:	Accepted
Has patch:	yes	Needs documentation:	no
Needs tests:	no	Patch needs improvement:	yes
Easy pickings:	no	UI/UX:	no

Description

If uploaded file name has very-ver long extension, it not truncates to 255 chars.

Change History (8)

comment:1 by homm, 11 years ago

https://github.com/django/django/pull/1548

comment:2 by Tim Graham, 11 years ago

Changing the file extension seems like it may not be a good idea. Did you run into a problem with this?

comment:3 by homm, 11 years ago

What do you mean by "extension"? This patch truncate sequence of chars after last dot longer then 255 chars. Is such sequence can be called "extension"? I do not think so.

I see problem there: malefactor can send file with name longer then 255 chars. I don't know, is it problem does matter at all. If it does matter let's do strict check. If it is doesn't matter, let's remove this check at all.

Last edited 11 years ago by homm (previous) (diff)

comment:4 by sduveen, 11 years ago

Triage Stage:	Unreviewed → Accepted

I don't think 'file extension' can reasonably describe anything that is over 255 chars after a dot. Patch and test look good. (refering to https://github.com/django/django/pull/1548/files#L0L45)

comment:5 by sduveen, 11 years ago

Triage Stage:	Accepted → Ready for checkin

comment:6 by Baptiste Mispelon, 11 years ago

Cc:	bmispelon@… added
Patch needs improvement:	set
Triage Stage:	Ready for checkin → Accepted

I think the tests should be moved to file_uploads/, next to the one that tests the truncating functionality [1].

I would also rewrite them to immitate the test_filename_overflow test, which I think tests the issue more accurately: we want to make sure that an uploaded file doesn't have a name longer than 255 characters.

Thanks.

[1] https://github.com/django/django/blob/master/tests/file_uploads/tests.py#L168

comment:7 by homm, 11 years ago

I update patch and move tests in file_uploads.

comment:8 by Baptiste Mispelon <bmispelon@…>, 11 years ago

Resolution:	→ fixed
Status:	new → closed

In 7008ed61c519f93a9b6c5c547ad718ad2deb959b:

Fixed #21033 -- Fixed uploaded filenames not always being truncated to 255 characters

Note: See TracTickets for help on using tickets.

Download in other formats:

Issues