Skip to content

Show better error message on exceeding absolute request body cap #46

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Apr 16, 2025
Merged

Show better error message on exceeding absolute request body cap #46

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
74d5b53
Add failing test coverage
bdach Apr 15, 2025
9e33bd4
Show better error message on exceeding absolute request body cap
bdach Apr 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions osu.Server.BeatmapSubmission.Tests/BeatmapSubmissionControllerTest.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1028,8 +1028,10 @@ public async Task TestUploadFullPackage_PathTraversalAttackFails(string suspicio
Assert.False(response.IsSuccessStatusCode);
}

[Fact]
public async Task TestUploadFullPackage_FailsIfSizeTooLarge()
[Theory]
[InlineData(50 * 1024 * 1024)]
[InlineData(200000001)]
public async Task TestUploadFullPackage_FailsIfSizeTooLarge(long size)
{
using var db = await DatabaseAccess.GetConnectionAsync();
await db.ExecuteAsync("INSERT INTO `phpbb_users` (`user_id`, `username`, `username_clean`, `country_acronym`, `user_permissions`, `user_sig`, `user_occ`, `user_interests`) VALUES (1000, 'test', 'test', 'JP', '', '', '', '')");
Expand All @@ -1042,7 +1044,7 @@ public async Task TestUploadFullPackage_FailsIfSizeTooLarge()
var request = new HttpRequestMessage(HttpMethod.Put, "/beatmapsets/241526");

using var content = new MultipartFormDataContent($"{Guid.NewGuid()}----");
byte[] data = new byte[50 * 1024 * 1024];
byte[] data = new byte[size];
new Random(1337).NextBytes(data);
var stream = new MemoryStream();

Expand All @@ -1059,7 +1061,7 @@ public async Task TestUploadFullPackage_FailsIfSizeTooLarge()

var response = await Client.SendAsync(request);
Assert.False(response.IsSuccessStatusCode);
Assert.Contains("The beatmap package is too large.", (await response.Content.ReadFromJsonAsync<ErrorResponse>())!.Error);
Assert.Contains("too large", (await response.Content.ReadFromJsonAsync<ErrorResponse>())!.Error);
}

[Fact]
Expand Down
18 changes: 2 additions & 16 deletions osu.Server.BeatmapSubmission/BeatmapSubmissionController.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -493,22 +493,8 @@ private void checkPackageSize(long packageSizeBytes, BeatmapPackageParseResult p
if (packageSizeBytes > allowableSizeBytes)
{
throw new InvariantException($"The beatmap package is too large. "
+ $"The size of the package with the requested changes applied is {humaniseSize(packageSizeBytes)}. "
+ $"The maximum allowable size is {humaniseSize(allowableSizeBytes)}.");
}

static string humaniseSize(double sizeBytes)
{
string humanisedSize;

if (sizeBytes < 1024)
humanisedSize = $@"{sizeBytes}B";
else if (sizeBytes < 1024 * 1024)
humanisedSize = $@"{sizeBytes / 1024:#.0}kB";
else
humanisedSize = $@"{sizeBytes / 1024 / 1024:#.0}MB";

return humanisedSize;
+ $"The size of the package with the requested changes applied is {FormatUtils.HumaniseSize(packageSizeBytes)}. "
+ $"The maximum allowable size is {FormatUtils.HumaniseSize(allowableSizeBytes)}.");
}
}

Expand Down
22 changes: 22 additions & 0 deletions osu.Server.BeatmapSubmission/FormatUtils.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
// Copyright (c) ppy Pty Ltd <[email protected]>. Licensed under the MIT Licence.
// See the LICENCE file in the repository root for full licence text.

namespace osu.Server.BeatmapSubmission
{
public class FormatUtils
{
public static string HumaniseSize(double sizeBytes)
{
string humanisedSize;

if (sizeBytes < 1024)
humanisedSize = $@"{sizeBytes}B";
else if (sizeBytes < 1024 * 1024)
humanisedSize = $@"{sizeBytes / 1024:#.0}kB";
else
humanisedSize = $@"{sizeBytes / 1024 / 1024:#.0}MB";

return humanisedSize;
}
}
}
9 changes: 9 additions & 0 deletions osu.Server.BeatmapSubmission/ModelStateValidationFilter.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@

using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using osu.Server.BeatmapSubmission.Models.API.Responses;

namespace osu.Server.BeatmapSubmission
{
Expand All @@ -28,7 +29,15 @@ public void OnActionExecuting(ActionExecutingContext context)
continue;

foreach (var error in value.Errors)
{
if (string.IsNullOrEmpty(key) && (error.ErrorMessage.Contains("Request body too large") || error.ErrorMessage.Contains("Multipart body length limit")))
{
context.Result = new ErrorResponse($"Request body too large. Size must be lower than {FormatUtils.HumaniseSize(Program.ABSOLUTE_REQUEST_SIZE_LIMIT_BYTES)}.").ToActionResult();
return;
}

errorList.Add($"{{ field: \"{key}\", message: \"{error.ErrorMessage}\", exception: \"{error.Exception}\" }}");
}
}

logger.LogError($"""
Expand Down