Don't read unlimited data from files

It now guards against reading infinite files such as `/dev/zero`. And most readings are bound with a (lax) limit. As a side effect, more checking are done when reading a file and overall the reading procedure is more robust. PR #19095.
2025-12-30 20:28:05 -06:00 · 2023-06-14 13:38:19 +08:00
parent 81bc910d68
commit 79ca2e145f
24 changed files with 370 additions and 199 deletions
--- a/src/webui/webui.cpp
+++ b/src/webui/webui.cpp
@@ -28,14 +28,13 @@

 #include "webui.h"

-#include <QFile>
-
 #include "base/http/server.h"
 #include "base/logger.h"
 #include "base/net/dnsupdater.h"
 #include "base/net/portforwarder.h"
 #include "base/path.h"
 #include "base/preferences.h"
+#include "base/utils/io.h"
 #include "base/utils/net.h"
 #include "webapplication.h"

@@ -85,10 +84,8 @@ void WebUI::configure()
        {
            const auto readData = [](const Path &path) -> QByteArray
            {
-                QFile file {path.data()};
-                if (!file.open(QIODevice::ReadOnly))
-                    return {};
-                return file.read(Utils::Net::MAX_SSL_FILE_SIZE);
+                const auto readResult = Utils::IO::readFile(path, Utils::Net::MAX_SSL_FILE_SIZE);
+                return readResult.value_or(QByteArray());
            };
            const QByteArray cert = readData(pref->getWebUIHttpsCertificatePath());
            const QByteArray key = readData(pref->getWebUIHttpsKeyPath());