◐ Shell
clean mode source ↗

fix: cap total zip expansion during tar conversion by geokat · Pull Request #25877 · coder/coder

github-actions

Summary

Reject ZIP uploads whose expanded tar output exceeds the file upload limit.

This change adds aggregate size enforcement when converting ZIP uploads to tar,
so small compressed archives can no longer expand without bound in memory. ZIP
uploads that exceed the configured expansion limit now return
413 Request Entity Too Large, and malformed ZIP content now returns
400 Bad Request instead of surfacing as an internal error.

Changes

  • add archive-level preflight checks for projected tar size
  • add writer-side aggregate limits while streaming tar output
  • propagate tar.Writer.Close() errors instead of dropping them
  • classify malformed ZIP entry metadata and content mismatches as invalid input
  • return 413 from POST /api/v2/files when expanded ZIP content is too large
  • return 400 from POST /api/v2/files for invalid ZIP archive contents
  • add regression coverage for oversized ZIP expansion and invalid ZIP metadata

Ref: https://linear.app/codercom/issue/PLAT-274