ankitpokhrel / tus-php

🚀 A pure PHP server and client for the tus resumable upload protocol v1.0.0

Home Page: https://tus.io

Corrupt metadata in Redis when client sends PATCH request while TUS session expires

klammbueddel opened this issue · comments

Note: Please report any security issues directly to hello [at] ankit.pl

Describe the bug
If RedisStore is used as the persistence layer, a PATCH request will lead to corrupt metadata. Only the last "offset" will be stored in Redis. All other metadata (file) will be lost, which makes it impossible to clean up the expired tus session.

EDIT:

- **To Reproduce**
- Steps to reproduce the behavior:
- 1. Start TUS session
- 2. Wait for Timeout
- 3. Send PATCH request
- 4. Evaluate Redis

+ **To Reproduce**
+ Steps to reproduce the behavior:
+ 1. Start TUS session
+ 2. Wait until TUS session is nearly expired
+ 3. Send PATCH request that will be handled while TUS session expires
+ 4. Evaluate Redis

Redis will only contain something like {"offset":36700160}

Expected behavior
The metadata should not be overwritten in a PATCH request.

Additional context
The source of the problem is in File.php line 328:

    $this->cache->set($key, ['offset' => $this->offset]);

The RedisStore loads the existing (!not expired!) key and merges the $value:

    /**
     * {@inheritDoc}
     */
    public function set(string $key, $value)
    {
        $contents = $this->get($key) ?? []; // this will be null since the key is already expired!

        if (\is_array($value)) {
            $contents = $value + $contents;
        } else {
            $contents[] = $value;
        }

        $status = $this->redis->set($this->getPrefix() . $key, json_encode($contents));

        return 'OK' === $status->getPayload();
    }

Since $contents is null, only the offset will be stored, overwriting all other metadata.

I assume the data should be loaded with $withExpired = true from cache in order to fix this.
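
The failure described above, reproduced offline as an added example that is not part of the original issue or of tus-php. `DemoStore`, the `expires_at` field, the key name and all sample values are assumptions constructed for illustration; the "fixed" variant applies the change the reporter proposes (reading with `$withExpired = true` before merging).

```php
<?php
declare(strict_types=1);

// Hypothetical in-memory stand-in for the cache store; not tus-php code.
// Assumption: each entry carries its own 'expires_at' Unix timestamp.
final class DemoStore
{
    /** @var array<string, string> JSON-encoded entries, as they would sit in Redis */
    private array $data = [];

    public function __construct(private bool $mergeExpired) {}

    public function get(string $key, bool $withExpired = false, ?int $now = null): ?array
    {
        $contents = json_decode($this->data[$key] ?? 'null', true);
        if (!\is_array($contents)) {
            return null;
        }
        $expired = ($contents['expires_at'] ?? 0) < ($now ?? time());

        return ($expired && !$withExpired) ? null : $contents;
    }

    public function set(string $key, array $value, ?int $now = null): void
    {
        // Buggy variant: an expired entry reads as null, so the merge base is empty.
        // Fixed variant: read with $withExpired = true so existing metadata survives.
        $contents = $this->get($key, $this->mergeExpired, $now) ?? [];
        $this->data[$key] = json_encode($value + $contents);
    }
}

// Constructed sample metadata and timestamps.
$meta = ['name' => 'video.mp4', 'file_path' => '/uploads/video.mp4', 'offset' => 0, 'expires_at' => 1000];

foreach (['buggy' => false, 'fixed' => true] as $label => $mergeExpired) {
    $store = new DemoStore($mergeExpired);
    $store->set('upload-key', $meta, 900);                   // session created before expiry
    $store->set('upload-key', ['offset' => 36700160], 1001); // PATCH handled just after expiry
    $after = $store->get('upload-key', true, 1001);
    $lost  = array_diff(array_keys($meta), array_keys($after));
    printf("%s: %s | lost keys: %s\n", $label, json_encode($after), implode(',', $lost) ?: 'none');
}
```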

commented

@klammbueddel I was trying to replicate this. Could you please provide some more info?

  1. What do you mean by "Wait for Timeout"? A timeout from the server?
  2. Are you using the PHP client or some other client to send the request, or manually sending requests to the API?

Hi @ankitpokhrel, I did set up a short expiry time for a TUS session. When the expiration time passes by, the error occurs with the next PATCH request from the client. In my case I do use https://github.com/gerdus/tus-dotnet-client.

#376 should fix this

This issue has been automatically marked as stale because it has not had
recent activity. It will be closed if no further activity occurs. Thank you
for your contributions.

Closing because of inactivity.