ylqjgm
/
canvas-lms
mirror of https://github.com/instructure/canvas-lms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
canvas-lms/spec/fixtures
History
Jeremy Stanley a3cf4748cc check size of actual zip contents against quota 
because the zip central directory can lie

test plan:
 1. Create a huge file (say a gigabyte) where every byte is the
    same.
 2. Zip it. The repeating data will be compressed. The ZIP will
    be tiny but will uncompress to a huge file.
 3. Edit the zip file binary. Open it with a hex editor and
    change the file size in the directory. Make the file
    appear to be small enough to fit into the course quota.
    (The zip file format is documented at
    http://www.pkware.com/documents/casestudies/APPNOTE.TXT
    or ask the committer for help)
 4. Try to import the zip file into a course (migrations/
    import zip file into folder)
 5. You should receive a quota error.

fixes CNVS-10722

Change-Id: Ib1bd1c432ef900f0c6c61ebe6eab2881f8515104
Reviewed-on: https://gerrit.instructure.com/29704
Reviewed-by: Mark Severson <markse@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Nathan Rogowski <nathan@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
 		2014-02-06 19:29:27 +00:00
..
asset_files refs #5773 fix plugin asset loading for 1.9.3 2012-11-08 13:40:32 -07:00
files add authenticity token to gradebook2 reupload form 2012-11-01 16:53:14 -06:00
google_docs fixed issue where google doc collaboration links are broken 2013-03-12 15:36:42 -06:00
gradebooks Initial commit. 2011-01-31 18:57:29 -07:00
importer import assessment questions and banks only for selected quizzes 2013-08-29 15:24:54 +00:00
migration add selenium tests for content migrations and course copy 2013-09-05 12:35:04 +00:00
scribd_docs Initial commit. 2011-01-31 18:57:29 -07:00
xss upgrade nokogiri to 1.4.7 2012-01-10 12:09:39 -07:00
alphabet_soup.zip add test to make sure files are import alphabetically 2012-06-06 13:08:13 -06:00
attachments-none-scribdable.zip try harder not to create scribd jobs for non-scribdable files 2012-01-12 11:09:06 -07:00
attachments-scribdable.zip try harder not to create scribd jobs for non-scribdable files 2012-01-12 11:09:06 -07:00
attachments.zip Initial commit. 2011-01-31 18:57:29 -07:00
courses.yml finish removing course.publish_grades_immediately 2013-06-04 18:11:08 +00:00
default_gradebook.csv Initial commit. 2011-01-31 18:57:29 -07:00
file_mail.txt Initial commit. 2011-01-31 18:57:29 -07:00
html_mail.txt Initial commit. 2011-01-31 18:57:29 -07:00
huge_zip.zip Prevent malicious zip uploads 2012-11-30 08:35:02 -07:00
mail.txt Initial commit. 2011-01-31 18:57:29 -07:00
message_1.txt Initial commit. 2011-01-31 18:57:29 -07:00
message_2.txt Initial commit. 2011-01-31 18:57:29 -07:00
message_3.txt Initial commit. 2011-01-31 18:57:29 -07:00
multipart-request fix "invalid byte sequence in US-ASCII" in topic attachment 2013-12-31 21:30:21 +00:00
selection_test_lti.xml use preferred tool for resource_selection even if the urls don't match 2012-05-25 12:18:11 -06:00
submission_list_full_hash_list.yml Initial commit. 2011-01-31 18:57:29 -07:00
submissions.zip Initial commit. 2011-01-31 18:57:29 -07:00
test.xsd whitelist for xsd files for the cc module 2012-12-04 11:54:16 -07:00
test_image.jpg a new [image] button in tinyMCE's toolbar 2013-05-06 19:20:14 +00:00
tilde.zip ruby 1.9: don't choke on course import with '~' filename 2013-01-21 14:16:11 -07:00
zipbomb.zip check size of actual zip contents against quota 2014-02-06 19:29:27 +00:00