Damn, I messed up with Git, so I’m taking this from Github to here.
There’s a tiny bug in the UploadValidator which will raise a NoMethodError when being fed certain invalid data: a filename without an extension. This usually doesn’t happen because the buggy codepath is not executed when such files are actually allowed and the frontend doesn’t pass uploads without an extension on to the backend when they aren’t allowed, but I ran into it while importing attachments and avatars from an old (SMF2) forum.
--- a/lib/validators/upload_validator.rb +++ b/lib/validators/upload_validator.rb @@ -5,7 +5,7 @@ module Validators; end class Validators::UploadValidator < ActiveModel::Validator def validate(upload) - extension = File.extname(upload.original_filename)[1..-1] + extension = File.extname(upload.original_filename)[1..-1] || "" if is_authorized?(upload, extension) if FileHelper.is_image?(upload.original_filename)