Jump to content

[Solved] Account suspended


murilo

Recommended Posts

It’s suspended for filling /tmp, which causes the server to stop working properly.

 

This is usually due to software that is either poorly written, broken, or is otherwise failing to clean up after itself. PHP’s Imagick also causes this quite a bit.

 

You’ll need to go through your code and figure out what’s causing this.

 

Unsuspended.

  • Like 1
Link to comment
Share on other sites

There's no way for users to directly access /tmp because its shared by everybody and would be a security risk. Your code can remove the files you own though if you know the names.

 

It's usually excessive use of Imagick (which is known for leaving huge temp files behind) or forms accepting uploads that aren't moved or deleted after upload. 

 

If your code is going to put files in /tmp, you either need to move them to somewhere inside your home folder if they are to be kept permanently, or delete them with unlink() if no longer needed. You should do this as soon as possible in your code after creating/using the file, as PHP will not clean up after itself, especially in cases where the script handling the upload times out or otherwise fails.

 

Krydos can give more information on this subject, so I'll escalate this to him to see if he has any input.

  • Like 1
Link to comment
Share on other sites

Yea, I found Imagick in my code, it's being used to upload an image to Cloudinary. How can I implement that "unlink()" thing you said? Sorry, I'm new to coding, currently hosting an open source repository and apparently it doesn't clean up after itself.

Link to comment
Share on other sites

function uploadImage($file, $width = null, $height = null) {
    if($width !== null && $height !== null && extension_loaded('imagick')) {
        $imagick = new Imagick();
        $imagick->readImageBlob($file);
        if($imagick->getImageFormat() === 'GIF') {
            $imagick = $imagick->coalesceImages();
            $imagick->cropThumbnailImage($width, $height);
            while($imagick->nextImage()) {
                $imagick->cropThumbnailImage($width, $height);
            }
            $imagick = $imagick->deconstructImages();
        } else {
            $imagick->cropThumbnailImage($width, $height);
        }
        $file = $imagick->getImagesBlob();
    }
    if(empty(CLOUDINARY_CLOUDNAME) || empty(CLOUDINARY_UPLOADPRESET)) {
        return null;
    }
    $mime = finfo_buffer(finfo_open(), $file, FILEINFO_MIME_TYPE);
    $ch = curl_init('https://api.cloudinary.com/v1_1/' . urlencode(CLOUDINARY_CLOUDNAME) . '/image/upload');
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(['upload_preset' => CLOUDINARY_UPLOADPRESET, 'file' => 'data:' . $mime . ';base64,' . base64_encode($file)]));
    $response = curl_exec($ch);
    $responseJSON = json_decode($response);
    $responseCode = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
    if($responseCode > 299 || $responseCode < 200) {
        return null;
    }
    curl_close($ch);
    return $responseJSON->secure_url;
    unlink ($file);

This is the code. I just added "unlink ($file);" in the end of it. Didn't give me an Internal Server Error, so I guess it's working.

Link to comment
Share on other sites

The best way to avoid getting suspended for this again is to use /home/murilo/tmp instead of /tmp. That way if your script goes nuts and fills something up only your own account will be affected not the whole server.

$i = new Imagick();
$i->setRegistry('temporary-path', '/home/murilo/tmp');
Deleting the temporary files after they're used is useful too, but if your temporary files are bigger than /tmp or if your script crashes before it gets to the deletion it will still get you suspended.
  • Like 1
Link to comment
Share on other sites

I implemented that line in my script and apparently it worked. It looks like this now:

function uploadImage($file, $width = null, $height = null) {
    if($width !== null && $height !== null && extension_loaded('imagick')) {
        $imagick = new Imagick();
        $imagick->setRegistry('temporary-path', '/home/murilo/tmp');
        $imagick->readImageBlob($file);
        if($imagick->getImageFormat() === 'GIF') {
            $imagick = $imagick->coalesceImages();
            $imagick->cropThumbnailImage($width, $height);
            while($imagick->nextImage()) {
                $imagick->cropThumbnailImage($width, $height);
            }
            $imagick = $imagick->deconstructImages();
        } else {
            $imagick->cropThumbnailImage($width, $height);
        }
        $file = $imagick->getImagesBlob();
    }
    if(empty(CLOUDINARY_CLOUDNAME) || empty(CLOUDINARY_UPLOADPRESET)) {
        return null;
    }
    $mime = finfo_buffer(finfo_open(), $file, FILEINFO_MIME_TYPE);
    $ch = curl_init('https://api.cloudinary.com/v1_1/' . urlencode(CLOUDINARY_CLOUDNAME) . '/image/upload');
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(['upload_preset' => CLOUDINARY_UPLOADPRESET, 'file' => 'data:' . $mime . ';base64,' . base64_encode($file)]));
    $response = curl_exec($ch);
    $responseJSON = json_decode($response);
    $responseCode = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
    if($responseCode > 299 || $responseCode < 200) {
        return null;
    }
    curl_close($ch);
    return $responseJSON->secure_url;
    unlink ($file, file, $imagick, 'temporary-path');
}
Link to comment
Share on other sites

It's not working, it's just placed where it will never execute so there's no chance for it to run and produce an error. A return statement ends the function and sends the program back to whatever called it. Putting unlink after return means the function ends and returns before it ever gets to the unlink statement.

  • Like 1
Link to comment
Share on other sites

It might be, hard to say since I don't know how that code is used in the context of your software. It appears that $file is a path to an image file, probably submitted via a form, based on the context though, IMagick processes it, the cURL stuff uploads the IMagick result to a third party image host, then it unlinks the source file.

 

IMagick should be putting stuff in your home folder's tmp now too, so that shouldn't be an issue.

  • Like 1
Link to comment
Share on other sites

My software is a social network. That code uploads an user image to Cloudinary for being attached to their post. I tried running the script without the unlink line and it didn't create any files in my /tmp folder. Something is wrong. The code doesn't make any references to any other places that it could save temporary files. I'm confused now.

Link to comment
Share on other sites

Well, I'm going to keep the unlink thing in the code since it doesn't return any errors or problems. I don't know if it's necessary to have references to the shared /tmp folder for Imagick to save files on it. Hope it's now cleaning itself.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...