Merge "Make qdecompresshelper archive bomb check only trigger for large files"

2 files changed, 10 insertions, 0 deletions

diff --git a/src/network/access/qdecompresshelper.cpp b/src/network/access/qdecompresshelper.cpp
index 2e44a58cf4..d0e75ef0dc 100644
--- a/src/network/access/qdecompresshelper.cpp
+++ b/src/network/access/qdecompresshelper.cpp
@@ -405,6 +405,11 @@ void QDecompressHelper::setArchiveBombDetectionEnabled(bool enable)
         countHelper->setArchiveBombDetectionEnabled(enable);
 }
 
+void QDecompressHelper::setMinimumArchiveBombSize(qint64 threshold)
+{
+    minimumArchiveBombSize = threshold;
+}
+
 bool QDecompressHelper::isPotentialArchiveBomb() const
 {
     if (!archiveBombDetectionEnabled)
@@ -413,6 +418,9 @@ bool QDecompressHelper::isPotentialArchiveBomb() const
     if (totalCompressedBytes == 0)
         return false;
 
+    if (totalUncompressedBytes <= minimumArchiveBombSize)
+        return false;
+
     // Some protection against malicious or corrupted compressed files that expand far more than
     // is reasonable.
     double ratio = double(totalUncompressedBytes) / double(totalCompressedBytes);
diff --git a/src/network/access/qdecompresshelper_p.h b/src/network/access/qdecompresshelper_p.h
index 4e66581022..6a77775790 100644
--- a/src/network/access/qdecompresshelper_p.h
+++ b/src/network/access/qdecompresshelper_p.h
@@ -92,6 +92,7 @@ public:
     void clear();
 
     void setArchiveBombDetectionEnabled(bool enable);
+    void setMinimumArchiveBombSize(qint64 threshold);
 
     static bool isSupportedEncoding(const QByteArray &encoding);
     static QByteArrayList acceptedEncoding();
@@ -119,6 +120,7 @@ private:
 
     // Used for calculating the ratio
     bool archiveBombDetectionEnabled = true;
+    qint64 minimumArchiveBombSize = 10 * 1024 * 1024;
     qint64 totalUncompressedBytes = 0;
     qint64 totalCompressedBytes = 0;