Merge pull request #10791 from nextcloud/refactor/handle-no-temp-file…

…-gracefully refactor: handle temporary files not being created gracefully
nextcloud · Mar 5, 2025 · 6beaf26 · 6beaf26
2 parents a325a66 + 2c8b3ec
commit 6beaf26
Showing 1 changed file with 25 additions and 11 deletions.
diff --git a/lib/Service/SmimeService.php b/lib/Service/SmimeService.php
@@ -68,7 +68,7 @@ public function verifyMessage(string $message): bool {
 		// smime/pkcs7 module. Unfortunately, it is only supported since php 8.
 		// Ref https://www.php.net/manual/en/function.openssl-cms-verify.php
 
-		$messageTemp = $this->tempManager->getTemporaryFile();
+		$messageTemp = $this->getTemporaryFileOrThrow();
 		$messageTempHandle = fopen($messageTemp, 'wb');
 		fwrite($messageTempHandle, $message);
 		fclose($messageTempHandle);
@@ -106,8 +106,8 @@ public function extractSignedContent(string $message): string {
 		// smime/pkcs7 module. Unfortunately, it is only supported since php 8.
 		// Ref https://www.php.net/manual/en/function.openssl-cms-verify.php
 
-		$verifiedContentTemp = $this->tempManager->getTemporaryFile();
-		$messageTemp = $this->tempManager->getTemporaryFile();
+		$verifiedContentTemp = $this->getTemporaryFileOrThrow();
+		$messageTemp = $this->getTemporaryFileOrThrow();
 		$messageTempHandle = fopen($messageTemp, 'wb');
 		fwrite($messageTempHandle, $message);
 		fclose($messageTempHandle);
@@ -166,7 +166,7 @@ public function parseCertificate(string $certificate): SmimeCertificateInfo {
 			}
 		}
 
-		$decryptedCertificateFile = $this->tempManager->getTemporaryFile();
+		$decryptedCertificateFile = $this->getTemporaryFileOrThrow();
 		file_put_contents($decryptedCertificateFile, $certificate);
 
 		$caBundle = [$this->certificateManager->getAbsoluteBundlePath()];
@@ -363,11 +363,11 @@ public function signMimePart(Horde_Mime_Part $part,
 			);
 		}
 
-		$decryptedCertificateFile = $this->tempManager->getTemporaryFile();
+		$decryptedCertificateFile = $this->getTemporaryFileOrThrow();
 		file_put_contents($decryptedCertificateFile, $decryptedCertificate);
 
-		$inPath = $this->tempManager->getTemporaryFile();
-		$outPath = $this->tempManager->getTemporaryFile();
+		$inPath = $this->getTemporaryFileOrThrow();
+		$outPath = $this->getTemporaryFileOrThrow();
 		file_put_contents($inPath, $part->toString([
 			'canonical' => true,
 			'headers' => true,
@@ -425,8 +425,8 @@ public function decryptMimePartText(string $mimePartText,
 			);
 		}
 
-		$inPath = $this->tempManager->getTemporaryFile();
-		$outPath = $this->tempManager->getTemporaryFile();
+		$inPath = $this->getTemporaryFileOrThrow();
+		$outPath = $this->getTemporaryFileOrThrow();
 		file_put_contents($inPath, $mimePartText);
 		if (!openssl_pkcs7_decrypt($inPath, $outPath, $decryptedCertificate, $decryptedKey)) {
 			throw new SmimeDecryptException('Failed to decrypt MIME part text');
@@ -581,8 +581,8 @@ public function encryptMimePart(Horde_Mime_Part $part, array $certificates): Hor
 			throw new ServiceException('Failed to decrypt certificate: ' . $e->getMessage(), 0, $e);
 		}
 
-		$inPath = $this->tempManager->getTemporaryFile();
-		$outPath = $this->tempManager->getTemporaryFile();
+		$inPath = $this->getTemporaryFileOrThrow();
+		$outPath = $this->getTemporaryFileOrThrow();
 		file_put_contents($inPath, $part->toString([
 			'canonical' => true,
 			'headers' => true,
@@ -610,4 +610,18 @@ public function encryptMimePart(Horde_Mime_Part $part, array $certificates): Hor
 
 		return $parsedPart;
 	}
+
+	/**
+	 * Create a temporary file and return the path or throw if it could not be created.
+	 *
+	 * @throws ServiceException If the temporary file could not be created
+	 */
+	private function getTemporaryFileOrThrow(): string {
+		$file = $this->tempManager->getTemporaryFile();
+		if ($file === false) {
+			throw new ServiceException('Failed to create temporary file');
+		}
+
+		return $file;
+	}
 }