From 9300a59a89b90f1b7ffe549d848f5d63369328ed Mon Sep 17 00:00:00 2001
From: Frans de Jonge <fransdejonge@gmail.com>
Date: Mon, 10 Jun 2019 17:06:13 +0200
Subject: [PATCH] [fix] util.getSafeFilename() maximum extension length (#5067)

Strip HTML and do some semi-intelligent detection of faux extensions (i.e., more than 10 characters probably isn't one).

Fixes #5049.
---
 frontend/util.lua                  | 11 ++++++++++-
 plugins/wallabag.koplugin/main.lua |  2 +-
 spec/unit/util_spec.lua            | 15 +++++++++++++++
 3 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/frontend/util.lua b/frontend/util.lua
index aa0a4e3fc..a441784dd 100644
--- a/frontend/util.lua
+++ b/frontend/util.lua
@@ -480,13 +480,14 @@ end
 ---- @string path
 ---- @int limit
 ---- @treturn string
-function util.getSafeFilename(str, path, limit)
+function util.getSafeFilename(str, path, limit, limit_ext)
     local filename, suffix = util.splitFileNameSuffix(str)
     local replaceFunc = replaceAllInvalidChars
     local safe_filename
     -- VFAT supports a maximum of 255 UCS-2 characters, although it's probably treated as UTF-16 by Windows
     -- default to a slightly lower limit just in case
     limit = limit or 240
+    limit_ext = limit_ext or 10
 
     if path then
         local file_system = util.getFilesystemType(path)
@@ -495,6 +496,14 @@ function util.getSafeFilename(str, path, limit)
         end
     end
 
+    if suffix:len() > limit_ext then
+        -- probably not an actual file extension, or at least not one we'd be
+        -- dealing with, so strip the whole string
+        filename = str
+        suffix = nil
+    end
+
+    filename = util.htmlToPlainTextIfHtml(filename)
     filename = filename:sub(1, limit)
     -- the limit might result in broken UTF-8, which we don't want in the result
     filename = util.fixUtf8(filename, "")
diff --git a/plugins/wallabag.koplugin/main.lua b/plugins/wallabag.koplugin/main.lua
index 59040c011..7afd3f6e1 100644
--- a/plugins/wallabag.koplugin/main.lua
+++ b/plugins/wallabag.koplugin/main.lua
@@ -300,7 +300,7 @@ end
 function Wallabag:download(article)
     local skip_article = false
     local item_url = "/api/entries/" .. article.id .. "/export.epub"
-    local title = util.getSafeFilename(article.title, self.directory)
+    local title = util.getSafeFilename(article.title, self.directory, 230, 0)
     local local_path = self.directory .. article_id_prefix .. article.id .. article_id_postfix .. title .. ".epub"
     logger.dbg("Wallabag: DOWNLOAD: id: ", article.id)
     logger.dbg("Wallabag: DOWNLOAD: title: ", article.title)
diff --git a/spec/unit/util_spec.lua b/spec/unit/util_spec.lua
index 2bed26411..68b62d037 100644
--- a/spec/unit/util_spec.lua
+++ b/spec/unit/util_spec.lua
@@ -239,6 +239,21 @@ describe("util module", function()
         assert.are_same("a", util.splitFileNameSuffix("a.txt"))
     end)
 
+    describe("getSafeFileName()", function()
+        it("should replace unsafe characters", function()
+            assert.is_equal("___", util.getSafeFilename("|||"))
+        end)
+        it("should truncate any characters beyond the limit", function()
+            assert.is_equal("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", util.getSafeFilename("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"))
+        end)
+        it("should truncate extension beyond the limit", function()
+            assert.is_equal("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", util.getSafeFilename("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"))
+        end)
+        it("should strip HTML from the filename", function()
+            assert.is_equal("lalala", util.getSafeFilename("<span>lalala</span>"))
+        end)
+    end)
+
     describe("fixUtf8()", function()
         it("should replace invalid UTF-8 characters with an underscore", function()
             assert.is_equal("\127 _ _\127 ", util.fixUtf8("\127 \128 \194\127 ", "_"))