Directory symlinks skip max download size checks #4713
Description
Downloading a symlink to a directory instead of a directory directly bypasses the size check for the downloads (OOD_DOWNLOAD_DIR_MAX).
Can be reproduced with the following files (with default OOD_DOWNLOAD_DIR_MAX, 10.7GB):
[rkarlsso@blahake zipfiletesting]$ mkdir dir
[rkarlsso@blahake zipfiletesting]$ fallocate -l 15G dir/bigfile.dat
[rkarlsso@blahake zipfiletesting]$ ln -s dir link_to_dir
Downloading dir cases an error as expected: The directory is too large to download as a zip. The directory should be less than 10737418240 bytes., but downloading link_to_dir succeeds.
The logs indicate that the du command runs on the symlink itself, not the target, which skips both the time-based check and the size-based check:
Started GET "/pun/dev/dashboard/files/fs/home/rkarlsso/ondemand/zipfiletesting/dir?can_download=1761221245958" for 2001:708:10:10:8521:97bd:882a:81aa at 2025-10-23 12:07:25 +0000
Processing by FilesController#fs as HTML
Parameters: {"can_download"=>"1761221245958", "fs"=>"fs", "filepath"=>"home/rkarlsso/ondemand/zipfiletesting/dir"}
execve = ["timeout", "5s", "du", "-cbs", "/home/rkarlsso/ondemand/zipfiletesting/dir"]
Completed 200 OK in 11ms (Views: 0.3ms | Allocations: 2126)
Started GET "/pun/dev/dashboard/files/fs/home/rkarlsso/ondemand/zipfiletesting/link_to_dir?can_download=1761221318825" for 2001:708:10:10:8521:97bd:882a:81aa at 2025-10-23 12:08:38 +0000
Processing by FilesController#fs as HTML
Parameters: {"can_download"=>"1761221318825", "fs"=>"fs", "filepath"=>"home/rkarlsso/ondemand/zipfiletesting/link_to_dir"}
execve = ["timeout", "5s", "du", "-cbs", "/home/rkarlsso/ondemand/zipfiletesting/link_to_dir"]
Completed 200 OK in 10ms (Views: 0.3ms | Allocations: 2091)
[rkarlsso@blahake zipfiletesting]$ timeout 5s du -cbs /home/rkarlsso/ondemand/zipfiletesting/dir/
16106131456 /home/rkarlsso/ondemand/zipfiletesting/dir/
16106131456 total
[rkarlsso@blahake zipfiletesting]$ timeout 5s du -cbs /home/rkarlsso/ondemand/zipfiletesting/link_to_dir
3 /home/rkarlsso/ondemand/zipfiletesting/link_to_dir
3 total