search

TryQuiet / quiet

A private, p2p alternative to Slack and Discord built on Tor & IPFS
https://www.tryquiet.org
GNU General Public License v3.0
1.93k stars 82 forks source link

Cannot receive 5 small files #1723

Open holmesworcester opened 1 year ago

holmesworcester commented 1 year ago

Steps to reproduce in Quiet 1.8.0 linux:

  1. Unzip the attached archive
  2. Click the paperclip icon in Quiet Desktop 1.8.0 to attach files
  3. Select all 5 files in the archive
  4. Send message (message appears to send fine, with all 5 files)

Expected: receiving user can see files Actual: user sees files with error "File not valid. Download canceled."

Image

Archive (1).zip

kingalg commented 1 year ago

My theory is that it's a problem with extremely small files (we are talking about bytes). There is a set tolerance for difference in size above which we consider the file malicious. For files so small as 14 bytes even 1 byte of a difference can be bigger than the tolerance that we set. So far we were mostly focused on bigger files as potentially more problematic but it looks like very small files have their own problems as well.

On attached screenshot you can see that "Hello!" which is 14 bytes didn't went through but "Hello!2" - 35.45 KB uploaded without issues. This is something that I was able to reproduce on few machines with several different files.

image

holmesworcester commented 1 year ago

We could rethink the size checking. It might not really be offering much protection as is, and if it's not it's probably not worth doing at all.

Or we could fix it so that it's more tolerant of a small discrepancy