From 1613375cc0d971dd0b127b1dfbc8727028962c22 Mon Sep 17 00:00:00 2001
From: CalDescent <caldescent@protonmail.com>
Date: Mon, 21 Jun 2021 19:03:34 +0100
Subject: [PATCH] Added more validation of files received in GET
 /data/file/frompeer

---
 src/main/java/org/qortal/api/resource/DataResource.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/main/java/org/qortal/api/resource/DataResource.java b/src/main/java/org/qortal/api/resource/DataResource.java
index 49cd395a..ff4e3fda 100644
--- a/src/main/java/org/qortal/api/resource/DataResource.java
+++ b/src/main/java/org/qortal/api/resource/DataResource.java
@@ -262,6 +262,10 @@ public class DataResource {
 			}
 
 			DataFileMessage dataFileMessage = (DataFileMessage) message;
+			dataFile = dataFileMessage.getDataFile();
+			if (dataFile == null || !dataFile.exists()) {
+				throw ApiExceptionFactory.INSTANCE.createException(request, ApiError.FILE_NOT_FOUND);
+			}
 
 			return Response.ok(String.format("Received file %s, size %d bytes", dataFileMessage.getDataFile(), dataFileMessage.getDataFile().size())).build();
 		} catch (ApiException e) {