diff --git a/services/web/app/src/Features/Uploads/ArchiveManager.mjs b/services/web/app/src/Features/Uploads/ArchiveManager.mjs index a2ecb3b13f..c9f5d6fa9f 100644 --- a/services/web/app/src/Features/Uploads/ArchiveManager.mjs +++ b/services/web/app/src/Features/Uploads/ArchiveManager.mjs @@ -138,7 +138,7 @@ function _extractZipFiles(source, destination) { destFile, }) zipfile.close() // bail out, stop reading file entries - done(err) + done(new InvalidZipFileError().withCause(err)) } else { entryFileCount++ zipfile.readEntry() // continue to the next file diff --git a/services/web/package.json b/services/web/package.json index a356a09d78..b147f14516 100644 --- a/services/web/package.json +++ b/services/web/package.json @@ -191,7 +191,7 @@ "xml-crypto": "^2.1.6", "xml2js": "^0.6.2", "xregexp": "^4.3.0", - "yauzl": "^2.10.0", + "yauzl": "^3.3.0", "zod": "^4.0.17", "zod-validation-error": "^4.0.1" }, diff --git a/services/web/test/acceptance/files/test_project_with_too_long_filename.zip b/services/web/test/acceptance/files/test_project_with_too_long_filename.zip new file mode 100644 index 0000000000..f6941caa0e Binary files /dev/null and b/services/web/test/acceptance/files/test_project_with_too_long_filename.zip differ diff --git a/services/web/test/acceptance/src/ProjectStructureTests.mjs b/services/web/test/acceptance/src/ProjectStructureTests.mjs index 22e22a9fcc..52520eb5d1 100644 --- a/services/web/test/acceptance/src/ProjectStructureTests.mjs +++ b/services/web/test/acceptance/src/ProjectStructureTests.mjs @@ -250,6 +250,24 @@ describe('ProjectStructureChanges', function () { }) }) + describe('uploading a project containing a filename that is too long', function () { + let res + + beforeEach(async function () { + const { response } = await uploadExampleProject( + owner, + 'test_project_with_too_long_filename.zip', + { allowBadStatus: true } + ) + + res = response + }) + + it('should fail with 422 error', function () { + expect(res.statusCode).to.equal(422) + }) + }) + describe('deleting folders', function () { beforeEach(async function () { const { projectId } = await createExampleProject(owner) diff --git a/services/web/test/unit/src/Uploads/ArchiveManager.test.mjs b/services/web/test/unit/src/Uploads/ArchiveManager.test.mjs index ad57c170ea..59ab988e05 100644 --- a/services/web/test/unit/src/Uploads/ArchiveManager.test.mjs +++ b/services/web/test/unit/src/Uploads/ArchiveManager.test.mjs @@ -374,7 +374,7 @@ describe('ArchiveManager', function () { it('should reject with an error', function (ctx) { expect(ctx.error) .to.be.instanceOf(Error) - .and.have.property('message', 'Something went wrong') + .and.have.property('message', 'invalid_zip_file') }) it('should close the zipfile', function (ctx) { @@ -411,7 +411,7 @@ describe('ArchiveManager', function () { it('should reject with an error', function (ctx) { expect(ctx.error) .to.be.instanceOf(Error) - .and.have.property('message', 'Something went wrong') + .and.have.property('message', 'invalid_zip_file') }) it('should close the zipfile', function (ctx) { @@ -449,7 +449,7 @@ describe('ArchiveManager', function () { it('should reject with an error', function (ctx) { expect(ctx.error) .to.be.instanceOf(Error) - .and.have.property('message', 'Something went wrong') + .and.have.property('message', 'invalid_zip_file') }) it('should destroy the readstream', function (ctx) { ctx.readStream.destroy.called.should.equal(true) diff --git a/yarn.lock b/yarn.lock index 5be2ec1c05..48a119ec7e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -7570,7 +7570,7 @@ __metadata: xml-crypto: "npm:^2.1.6" xml2js: "npm:^0.6.2" xregexp: "npm:^4.3.0" - yauzl: "npm:^2.10.0" + yauzl: "npm:^3.3.0" yup: "npm:^0.32.11" zod: "npm:^4.0.17" zod-validation-error: "npm:^4.0.1" @@ -34926,6 +34926,16 @@ __metadata: languageName: node linkType: hard +"yauzl@npm:^3.3.0": + version: 3.3.0 + resolution: "yauzl@npm:3.3.0" + dependencies: + buffer-crc32: "npm:~0.2.3" + pend: "npm:~1.2.0" + checksum: 10c0/935e32054171104bdf8a4091180f61b5698d8b90ee64552bb643c2176f815d4215d0764e3f41e0d9a1e4525b37602bf145ec5fd39dd014f0be7290851ce3acce + languageName: node + linkType: hard + "yn@npm:^3.1.1": version: 3.1.1 resolution: "yn@npm:3.1.1"