mirror of
https://github.com/LonamiWebs/Telethon.git
synced 2024-11-23 01:46:35 +03:00
Check dc_id in resolve_bot_file_id
This commit is contained in:
parent
47d9de98ed
commit
5772a5483c
|
@ -905,6 +905,16 @@ def resolve_bot_file_id(file_id):
|
||||||
data = data[:-1]
|
data = data[:-1]
|
||||||
if len(data) == 24:
|
if len(data) == 24:
|
||||||
file_type, dc_id, media_id, access_hash = struct.unpack('<iiqq', data)
|
file_type, dc_id, media_id, access_hash = struct.unpack('<iiqq', data)
|
||||||
|
|
||||||
|
if not (1 <= dc_id <= 5):
|
||||||
|
# Valid `file_id`'s must have valid DC IDs. Since this method is
|
||||||
|
# called when sending a file and the user may have entered a path
|
||||||
|
# they believe is correct but the file doesn't exist, this method
|
||||||
|
# may detect a path as "valid" bot `file_id` even when it's not.
|
||||||
|
# By checking the `dc_id`, we greatly reduce the chances of this
|
||||||
|
# happening.
|
||||||
|
return None
|
||||||
|
|
||||||
attributes = []
|
attributes = []
|
||||||
if file_type == 3 or file_type == 9:
|
if file_type == 3 or file_type == 9:
|
||||||
attributes.append(types.DocumentAttributeAudio(
|
attributes.append(types.DocumentAttributeAudio(
|
||||||
|
@ -942,6 +952,9 @@ def resolve_bot_file_id(file_id):
|
||||||
(file_type, dc_id, media_id, access_hash,
|
(file_type, dc_id, media_id, access_hash,
|
||||||
volume_id, secret, local_id) = struct.unpack('<iiqqqqi', data)
|
volume_id, secret, local_id) = struct.unpack('<iiqqqqi', data)
|
||||||
|
|
||||||
|
if not (1 <= dc_id <= 5):
|
||||||
|
return None
|
||||||
|
|
||||||
# Thumbnails (small) always have ID 0; otherwise size 'x'
|
# Thumbnails (small) always have ID 0; otherwise size 'x'
|
||||||
photo_size = 's' if media_id or access_hash else 'x'
|
photo_size = 's' if media_id or access_hash else 'x'
|
||||||
return types.Photo(id=media_id, access_hash=access_hash, sizes=[
|
return types.Photo(id=media_id, access_hash=access_hash, sizes=[
|
||||||
|
|
Loading…
Reference in New Issue
Block a user