From 1bdaccc0b8cf8aac0dc833d6db14b9a902593ff5 Mon Sep 17 00:00:00 2001
From: George Claghorn <george@basecamp.com>
Date: Mon, 28 May 2018 16:28:46 -0400
Subject: Verify integrity after chunked download

---
 activestorage/lib/active_storage/downloader.rb | 7 +++++++
 activestorage/lib/active_storage/errors.rb     | 4 ++++
 activestorage/lib/active_storage/service.rb    | 2 --
 3 files changed, 11 insertions(+), 2 deletions(-)

(limited to 'activestorage/lib/active_storage')

diff --git a/activestorage/lib/active_storage/downloader.rb b/activestorage/lib/active_storage/downloader.rb
index 0e7039e104..5953fd08fb 100644
--- a/activestorage/lib/active_storage/downloader.rb
+++ b/activestorage/lib/active_storage/downloader.rb
@@ -10,6 +10,7 @@ module ActiveStorage
     def download_blob_to_tempfile
       open_tempfile do |file|
         download_blob_to file
+        verify_integrity_of file
         yield file
       end
     end
@@ -34,6 +35,12 @@ module ActiveStorage
         file.rewind
       end
 
+      def verify_integrity_of(file)
+        unless Digest::MD5.file(file).base64digest == checksum
+          raise ActiveStorage::IntegrityError
+        end
+      end
+
       def tempfile_extension_with_delimiter
         blob.filename.extension_with_delimiter
       end
diff --git a/activestorage/lib/active_storage/errors.rb b/activestorage/lib/active_storage/errors.rb
index f099b13f5b..bedcd080c4 100644
--- a/activestorage/lib/active_storage/errors.rb
+++ b/activestorage/lib/active_storage/errors.rb
@@ -4,4 +4,8 @@ module ActiveStorage
   class InvariableError < StandardError; end
   class UnpreviewableError < StandardError; end
   class UnrepresentableError < StandardError; end
+
+  # Raised when uploaded or downloaded data does not match a precomputed checksum.
+  # Indicates that a network error or a software bug caused data corruption.
+  class IntegrityError < StandardError; end
 end
diff --git a/activestorage/lib/active_storage/service.rb b/activestorage/lib/active_storage/service.rb
index 949969fc95..da1af4f745 100644
--- a/activestorage/lib/active_storage/service.rb
+++ b/activestorage/lib/active_storage/service.rb
@@ -3,8 +3,6 @@
 require "active_storage/log_subscriber"
 
 module ActiveStorage
-  class IntegrityError < StandardError; end
-
   # Abstract class serving as an interface for concrete services.
   #
   # The available services are:
-- 
cgit v1.2.3