diff --git a/library/config.php b/library/config.php index 2dc6fd77d..170100086 100644 --- a/library/config.php +++ b/library/config.php @@ -540,7 +540,8 @@ $bb_cfg['mem_on_start'] = memory_get_usage(); $bb_cfg['translate_dates'] = true; // in displaying time $bb_cfg['use_word_censor'] = true; $bb_cfg['show_jumpbox'] = true; // Whether to show jumpbox (on viewtopic.php and viewforum.php) -$bb_cfg['flist_time_limit'] = 15; // Max number of seconds to process file lists before throwing an error +$bb_cfg['flist_timeout'] = 15; // Max number of seconds to process file lists in forum before throwing an error (default: 15) +$bb_cfg['flist_max_files'] = 0; // Max allowed number of files to process for giving out to indexers (0 - unlimited) $bb_cfg['last_visit_date_format'] = 'd-M H:i'; $bb_cfg['last_post_date_format'] = 'd-M-y H:i'; $bb_cfg['poll_max_days'] = 180; // How many days will the poll be active diff --git a/library/includes/file_list_v2.php b/library/includes/file_list_v2.php index a91e195d8..4446d740a 100644 --- a/library/includes/file_list_v2.php +++ b/library/includes/file_list_v2.php @@ -37,7 +37,7 @@ if (empty($row) || empty($row['physical_filename'])) { if (empty($row['info_hash_v2'])) { http_response_code(410); - die($lang['BT_V2_FILE_LIST_ONLY']); + die($lang['BT_V2_FLIST_ONLY']); } $file_path = get_attachments_dir() . '/' . $row['physical_filename']; @@ -49,6 +49,17 @@ if (!is_file($file_path)) { $file_contents = file_get_contents($file_path); +if ($bb_cfg['flist_max_files']) { + $filetree_pos = strpos($file_contents, ':file tree'); + $files_pos = strpos($file_contents, ':files', $filetree_pos); + $file_count = substr_count(substr($file_contents, $filetree_pos, ($files_pos ? ($files_pos - $filetree_pos) : null)), ':length'); + + if ($file_count > $bb_cfg['flist_max_files']) { + http_response_code(410); + die(sprintf($lang['BT_V2_FLIST_LIMIT'], $bb_cfg['flist_max_files'], $file_count)); + } +} + if (!$torrent = \Arokettu\Bencode\Bencode::decode($file_contents, dictType: \Arokettu\Bencode\Bencode\Collection::ARRAY)) { http_response_code(410); die($lang['TORFILE_INVALID']); diff --git a/library/language/source/main.php b/library/language/source/main.php index 2e6b0b753..bc60f0634 100644 --- a/library/language/source/main.php +++ b/library/language/source/main.php @@ -532,6 +532,7 @@ $lang['SEARCH_USER_TOPICS'] = 'Find user topics'; // Find all topics by username $lang['NO_USER_ID_SPECIFIED'] = 'Sorry, but that user does not exist.'; $lang['WRONG_PROFILE'] = 'You cannot modify a profile that is not your own.'; +$lang['ONLY_ONE_AVATAR'] = 'Only one type of avatar can be specified'; $lang['FILE_NO_DATA'] = 'The file at the URL you gave contains no data'; $lang['NO_CONNECTION_URL'] = 'A connection could not be made to the URL you gave'; $lang['INCOMPLETE_URL'] = 'The URL you entered is incomplete'; @@ -1073,7 +1074,8 @@ $lang['BT_REG_FAIL'] = 'Could not register torrent on tracker'; $lang['BT_REG_FAIL_SAME_HASH'] = 'Another torrent with same info_hash already registered'; $lang['BT_V1_ONLY_DISALLOWED'] = 'v1-only torrents have been disabled by the administrator at the moment, allowed: v2 and hybrids'; $lang['BT_V2_ONLY_DISALLOWED'] = 'v2-only torrents have been disabled by the administrator at the moment, allowed: v1 and hybrids'; -$lang['BT_V2_FILE_LIST_ONLY'] = 'Currently, only torrents with BitTorrent version 2 support are enabled for separate file listing'; +$lang['BT_V2_FLIST_ONLY'] = 'Currently, only torrents with BitTorrent version 2 support are enabled for separate file listing'; +$lang['BT_V2_FLIST_LIMIT'] = 'Tracker settings do not allow to process lists with more than %d files. Current number is: %d'; $lang['BT_UNREG_FROM_TRACKER'] = 'Remove from tracker'; $lang['BT_UNREGISTERED'] = 'Torrent unregistered'; $lang['BT_UNREGISTERED_ALREADY'] = 'Torrent already unregistered'; diff --git a/src/Legacy/TorrentFileList.php b/src/Legacy/TorrentFileList.php index 19a126f90..caad01637 100644 --- a/src/Legacy/TorrentFileList.php +++ b/src/Legacy/TorrentFileList.php @@ -46,7 +46,7 @@ class TorrentFileList $info = &$this->tor_decoded['info']; if (isset($info['meta version'], $info['file tree'])) { //v2 if (($info['meta version']) === 2 && is_array($info['file tree'])) { - return $this->fileTreeList($info['file tree'], $info['name'] ?? '', $bb_cfg['flist_time_limit']); + return $this->fileTreeList($info['file tree'], $info['name'] ?? '', $bb_cfg['flist_timeout']); } } @@ -95,7 +95,7 @@ class TorrentFileList continue; } - $structure = array_deep($f['path'], 'clean_tor_dirname', timeout: $bb_cfg['flist_time_limit']); + $structure = array_deep($f['path'], 'clean_tor_dirname', timeout: $bb_cfg['flist_timeout']); if (isset($structure['timeout'])) { bb_die("Timeout, too many nested files/directories for file listing, aborting after \n{$structure['recs']} recursive calls.\nNesting level: " . count($info['files'], COUNT_RECURSIVE)); }