airkjw/CLIProxyAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: reject oversized downloads instead of truncating; warn on unverified fallback

Browse Source 
- Read maxAssetDownloadSize+1 bytes and error if exceeded, preventing
  silent truncation that could write a broken management.html to disk
- Log explicit warning when fallback URL is used without digest
  verification, so users are aware of the reduced security guarantee
This commit is contained in:
Xvvln
2026-03-24 00:27:44 +08:00
parent 2db8df8e38
commit 7333619f15
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/managementasset/updater.go
+7 -1
View File
@@ -288,6 +288,9 @@ func ensureFallbackManagementHTML(ctx context.Context, client *http.Client, loca
return false return false
} }
log.Warnf("management asset downloaded from fallback URL without digest verification (hash=%s) — "+
"consider setting auto-update-panel: true to receive verified updates from GitHub", downloadedHash)
if err = atomicWriteFile(localPath, data); err != nil { if err = atomicWriteFile(localPath, data); err != nil {
log.WithError(err).Warn("failed to persist fallback management control panel page") log.WithError(err).Warn("failed to persist fallback management control panel page")
return false return false
@@ -398,10 +401,13 @@ func downloadAsset(ctx context.Context, client *http.Client, downloadURL string)
return nil, "", fmt.Errorf("unexpected download status %d: %s", resp.StatusCode, strings.TrimSpace(string(body))) return nil, "", fmt.Errorf("unexpected download status %d: %s", resp.StatusCode, strings.TrimSpace(string(body)))
} }
data, err := io.ReadAll(io.LimitReader(resp.Body, maxAssetDownloadSize)) data, err := io.ReadAll(io.LimitReader(resp.Body, maxAssetDownloadSize+1))
if err != nil { if err != nil {
return nil, "", fmt.Errorf("read download body: %w", err) return nil, "", fmt.Errorf("read download body: %w", err)
} }
if int64(len(data)) > maxAssetDownloadSize {
return nil, "", fmt.Errorf("download exceeds maximum allowed size of %d bytes", maxAssetDownloadSize)
}
sum := sha256.Sum256(data) sum := sha256.Sum256(data)
return data, hex.EncodeToString(sum[:]), nil return data, hex.EncodeToString(sum[:]), nil