From f6b7005c5b1f0e812c25f5de509db792bdbacf44 Mon Sep 17 00:00:00 2001 From: Stuart McGrigor Date: Mon, 31 Oct 2016 12:43:02 +1300 Subject: [PATCH] Added MaxFileSize to IncomingForm options --- lib/incoming_form.js | 9 ++++++++- package.json | 6 +++--- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/lib/incoming_form.js b/lib/incoming_form.js index e3c8019a..2a218804 100644 --- a/lib/incoming_form.js +++ b/lib/incoming_form.js @@ -25,6 +25,7 @@ function IncomingForm(opts) { this.maxFields = opts.maxFields || 1000; this.maxFieldsSize = opts.maxFieldsSize || 2 * 1024 * 1024; + this.maxFileSize = opts.maxFileSize || 2 * 1024 * 1024; this.keepExtensions = opts.keepExtensions || false; this.uploadDir = opts.uploadDir || os.tmpDir(); this.encoding = opts.encoding || 'utf-8'; @@ -217,6 +218,13 @@ IncomingForm.prototype.handlePart = function(part) { if (buffer.length == 0) { return; } + // compare receivedBytes with maxFileSize + if((file.toJSON().size + buffer.length) > self.maxFileSize) { + self._error(new Error('Size overflow, expect ' + self.maxFileSize + + ' but received ' + (file.toJSON().size + buffer.length) + ' bytes')); + return; + } + self.pause(); file.write(buffer, function() { self.resume(); @@ -555,4 +563,3 @@ IncomingForm.prototype._maybeEnd = function() { this.emit('end'); }; - diff --git a/package.json b/package.json index 4ec587e2..258cd1b5 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "formidable", "description": "A node.js module for parsing form data, especially file uploads.", "homepage": "https://github.com/felixge/node-formidable", - "version": "1.0.17", + "version": "1.0.17-stu", "devDependencies": { "gently": "0.8.0", "findit": "0.1.1", @@ -24,10 +24,10 @@ }, "repository": { "type": "git", - "url": "git://github.com/felixge/node-formidable.git" + "url": "git://github.com/stueynz/node-formidable.git" }, "bugs": { - "url": "http://github.com/felixge/node-formidable/issues" + "url": "http://github.com/stueynz/node-formidable/issues" }, "optionalDependencies": {} }