From 34905701a0b88fa4a3ff327d14cff871ceecb29d Mon Sep 17 00:00:00 2001
From: shiroyashik <shiroyashik@shsr.ru>
Date: Mon, 10 Jun 2024 07:23:53 +0300
Subject: [PATCH] Add check for max_avatar_size

---
 src/main.rs | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/main.rs b/src/main.rs
index 5b0a9a8..d4589db 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,4 +1,4 @@
-use anyhow::Result;
+use anyhow::{anyhow, Result};
 use axum::{
     extract::DefaultBodyLimit, middleware::from_extractor, routing::{delete, get, post, put}, Router
 };
@@ -6,7 +6,7 @@ use dashmap::DashMap;
 use std::sync::Arc;
 use tokio::sync::{broadcast, Mutex};
 use tower_http::trace::TraceLayer;
-use tracing::info;
+use tracing::{error, info};
 use uuid::Uuid;
 
 // WebSocket worker
@@ -138,7 +138,14 @@ async fn main() -> Result<()> {
         }
     });
 
-    let max_body_size = state.config.clone().lock().await.limitations.max_avatar_size as usize;
+    let max_body_size = {
+        let mbs = state.config.clone().lock().await.limitations.max_avatar_size as usize;
+        if mbs >= 1024 {
+            mbs
+        } else {
+            return Err(anyhow!("maxAvatarSize {mbs} smaller than 1024!"));
+        }
+    };
     let api = Router::new()
         .nest("//auth", api_auth::router())
         .route("/limits", get(api_info::limits))