[mai2] limit upload user portrait file size

2022-12-17 10:29:09 +08:00
parent c121c17073
commit a8b31591cc
3 changed files with 18 additions and 2 deletions
--- a/src/main/java/icu/samnyan/aqua/sega/maimai2/handler/impl/UploadUserPortraitHandler.java
+++ b/src/main/java/icu/samnyan/aqua/sega/maimai2/handler/impl/UploadUserPortraitHandler.java
@@ -27,13 +27,16 @@ public class UploadUserPortraitHandler implements BaseHandler {

    private final String picSavePath;
    private final boolean enable;
+    private final long divMaxLength;

    public UploadUserPortraitHandler(BasicMapper mapper,
-    @Value("${game.maimai2.userPhoto.enable:true}") boolean enable,
-    @Value("${game.maimai2.userPhoto.picSavePath:data/userPhoto}") String picSavePath) {
+                                     @Value("${game.maimai2.userPhoto.enable:true}") boolean enable,
+                                     @Value("${game.maimai2.userPhoto.picSavePath:data/userPhoto}") String picSavePath,
+                                     @Value("${game.maimai2.userPhoto.divMaxLength:16}") long divMaxLength) {
        this.mapper = mapper;
        this.picSavePath = picSavePath;
        this.enable = enable;
+        this.divMaxLength = divMaxLength;

        if (enable) {
            try {
@@ -60,6 +63,9 @@ public class UploadUserPortraitHandler implements BaseHandler {
            int divLength = userPhoto.getDivLength();
            String divData = userPhoto.getDivData();

+            if (divLength > divMaxLength)
+                return "{\"returnCode\":-1,\"apiName\":\"com.sega.maimai2servlet.api.UploadUserPortraitApi\"}";
+
            try {
                var tmp_filename = Paths.get(picSavePath, userId + "-up.tmp");
                if (divNumber == 0)