3D-printing/Cura
1
0
Fork 0
mirror of https://github.com/Ultimaker/Cura.git synced 2025-07-07 15:07:28 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

Prevent zip bombs in the g-codegz reader

Browse source 
CURA-7227
This commit is contained in:
Jaime van Kessel 2020-02-20 16:38:41 +01:00
parent 4cb239a97f
commit 27777c759c
No known key found for this signature in database
GPG key ID: 3710727397403C91
1 changed files with 17 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

18
plugins/GCodeGzReader/GCodeGzReader.py
View file

@ -7,6 +7,20 @@ from UM.Mesh.MeshReader import MeshReader #The class we're extending/implementin
from UM.MimeTypeDatabase import MimeTypeDatabase, MimeType #To add the .gcode.gz files to the MIME type database.
from UM.PluginRegistry import PluginRegistry
import contextlib
import resource
@contextlib.contextmanager
def limit(limit, type=resource.RLIMIT_AS):
soft_limit, hard_limit = resource.getrlimit(type)
resource.setrlimit(type, (limit, hard_limit)) # set soft limit
try:
yield
finally:
resource.setrlimit(type, (soft_limit, hard_limit)) # restore
## A file reader that reads gzipped g-code.
#
# If you're zipping g-code, you might as well use gzip!
@ -25,7 +39,9 @@ class GCodeGzReader(MeshReader):
def _read(self, file_name):
with open(file_name, "rb") as file:
file_data = file.read()
uncompressed_gcode = gzip.decompress(file_data).decode("utf-8")
with limit(1 << 30): # Prevent a gzip bomb (by setting the max size to 1 gig)
uncompressed_gcode = gzip.decompress(file_data).decode("utf-8")
PluginRegistry.getInstance().getPluginObject("GCodeReader").preReadFromStream(uncompressed_gcode)
result = PluginRegistry.getInstance().getPluginObject("GCodeReader").readFromStream(uncompressed_gcode, file_name)