Android: Android app, infected file found, bad feedback

Created on 1 Jun 2017  路  7Comments  路  Source: owncloud/android

Actual behaviour

When uploading a eicar file (file that is marked as a virus) the android app returns "upload failed - Snsupported Media Type".

Expected behaviour

When uploading an infected file, the user is given a clear feedback and the applications stops from trying to upload that file agian.

Steps to reproduce

  1. Upload a eicar file from the Android app.
  2. Receive feedback that does not explain the issue.

Can this problem be reproduced with the official owncloud server?
(url: https://demo.owncloud.org, user: test, password: test)
No, does not seem to have virus (ClamAV enabled)

Environment data

Android version:
Galaxy s5.

Device model:

Stock or customized system:
customized

ownCloud app version:
2.4.0
ownCloud server version:
9.1.5

Logs

Web server error log

Insert your webserver log here

ownCloud log (data/owncloud.log)

Exception: {"Message":"HTTP\/1.1 415 Virus Eicar-Test-Signature is detected in the file. Upload cannot be completed.","Exception":"OCA\\DAV\\Connector\\Sabre\\Exception\\UnsupportedMediaType","Code":0,"Trace":"#0 \/var\/www\/html\/owncloud\/apps\/dav\/lib\/Connector\/Sabre\/File.php(157): OCA\\DAV\\Connector\\Sabre\\File->convertToSabreException(Object(OCP\\Files\\InvalidContentException))\n#1 \/var\/www\/html\/owncloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Server.php(1070): OCA\\DAV\\Connector\\Sabre\\File->put(Resource id #712)\n#2 \/var\/www\/html\/owncloud\/3rdparty\/sabre\/dav\/lib\/DAV\/CorePlugin.php(511): Sabre\\DAV\\Server->updateFile('virus.txt', Resource id #712, NULL)\n#3 [internal function]: Sabre\\DAV\\CorePlugin->httpPut(Object(Sabre\\HTTP\\Request), Object(Sabre\\HTTP\\Response))\n#4 \/var\/www\/html\/owncloud\/3rdparty\/sabre\/event\/lib\/EventEmitterTrait.php(105): call_user_func_array(Array, Array)\n#5 \/var\/www\/html\/owncloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Server.php(459): Sabre\\Event\\EventEmitter->emit('method:PUT', Array)\n#6 \/var\/www\/html\/owncloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Server.php(248): Sabre\\DAV\\Server->invokeMethod(Object(Sabre\\HTTP\\Request), Object(Sabre\\HTTP\\Response))\n#7 \/var\/www\/html\/owncloud\/apps\/dav\/appinfo\/v1\/webdav.php(61): Sabre\\DAV\\Server->exec()\n#8 \/var\/www\/html\/owncloud\/remote.php(164): require_once('\/var\/www\/html\/o...')\n#9 {main}","File":"\/var\/www\/html\/owncloud\/apps\/dav\/lib\/Connector\/Sabre\/File.php","Line":538,"User":"FC8C390C-9B01-47A6-ACEA-91391133E287"}
approved by qa blue-ticket enhancement error_message
Source
picture Emil-G

Most helpful comment

@michaelstingl I've finally managed to reproduce the described behaviour and the oC API responds with this error message "Virus Eicar-Test-Signature is detected in the file. Upload cannot be completed", which is appropriate and specific. This message is included in the body response, so I can parse it and show it easily.

picture davigonz on 12 Jun 2017
👍2

All 7 comments

Hi @Emil-G , thank you for reporting this behaviour. We already have an issue to include feedback improvements but it's not scheduled for the next Android app release (2.5.0), we will work on it in the coming releases after the next one.

davigonz picture davigonz on 8 Jun 2017

Hello again @Emil-G , we have reprioritized this issue and its fix will definitely be included in the next Android app release, 2.5.0. Sorry for the inconvenience.

davigonz picture davigonz on 8 Jun 2017
👍1

@davigonz Thats good news! cheers!

Emil-G picture Emil-G on 8 Jun 2017

@davigonz Does the oC API respond with an appropriate error message, like if I try to share, but don't have share permission, or is there room for improvement on the server side too?

00007758

michaelstingl picture michaelstingl on 8 Jun 2017

@Emil-G Hello, I've tried to upload an eicar file to check the error message returned from the server ,which @michaelstingl refers to, but the upload is completed successfully and there's no error like the one you comment. Have a look at the gif below:

eicar

Is your eicar file different to the one I'm using?

Thank you

davigonz picture davigonz on 9 Jun 2017

Do not take into account my previous comment, I was not using a proper antivirus configuration. Let me set the needed params and I will give you more details.

davigonz picture davigonz on 12 Jun 2017
👍1

@michaelstingl I've finally managed to reproduce the described behaviour and the oC API responds with this error message "Virus Eicar-Test-Signature is detected in the file. Upload cannot be completed", which is appropriate and specific. This message is included in the body response, so I can parse it and show it easily.

davigonz picture davigonz on 12 Jun 2017
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Nowaker picture Nowaker  路  3Comments
jesmrec picture jesmrec  路  7Comments
marcos-guerrero picture marcos-guerrero  路  6Comments
davigonz picture davigonz  路  5Comments
davivel picture davivel  路  4Comments