summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorThanos Doukoudakis <thanos.doukoudakis@isode.com>2017-06-13 14:41:00 (GMT)
committerKevin Smith <kevin.smith@isode.com>2017-06-22 11:48:32 (GMT)
commitb634796ad03d009ec9ef593f6a881a964e7f0d31 (patch)
tree47fceae6c96f56168568c90813ae8479d4cd6572
parent2416d8818afe449dc93b9f8a4e0e3ecaeba0509d (diff)
downloadswift-b634796ad03d009ec9ef593f6a881a964e7f0d31.zip
swift-b634796ad03d009ec9ef593f6a881a964e7f0d31.tar.bz2
Handle badly-formed labels catalogue
Updated the code to ignore labels that belong to a catalog item that is malformed and not added as a valid item. Test-Information: Added unit tests for badly formed catalog items and labels. Tested on Windows 10 (Qt 5.7.1) and Ubuntu 16.04 (Qt 5.5.1) Change-Id: I11fbd3b54faa3ee225a08a87ad8ed59977b7ff20
-rw-r--r--Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.cpp2
-rw-r--r--Swiften/Parser/PayloadParsers/UnitTest/SecurityLabelsCatalogParserTest.cpp57
2 files changed, 58 insertions, 1 deletions
diff --git a/Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.cpp b/Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.cpp
index 1897080..58b0af0 100644
--- a/Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.cpp
+++ b/Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.cpp
@@ -34,7 +34,7 @@ void SecurityLabelsCatalogParser::handleStartElement(const std::string& element,
currentItem_->setSelector(attributes.getAttribute("selector"));
currentItem_->setIsDefault(attributes.getBoolAttribute("default", false));
}
- else if (level_ == LabelLevel) {
+ else if (level_ == LabelLevel && currentItem_) {
assert(!labelParser_);
if (labelParserFactory_->canParse(element, ns, attributes)) {
labelParser_ = dynamic_cast<SecurityLabelParser*>(labelParserFactory_->createPayloadParser());
diff --git a/Swiften/Parser/PayloadParsers/UnitTest/SecurityLabelsCatalogParserTest.cpp b/Swiften/Parser/PayloadParsers/UnitTest/SecurityLabelsCatalogParserTest.cpp
index 2b992b1..ee7668c 100644
--- a/Swiften/Parser/PayloadParsers/UnitTest/SecurityLabelsCatalogParserTest.cpp
+++ b/Swiften/Parser/PayloadParsers/UnitTest/SecurityLabelsCatalogParserTest.cpp
@@ -16,6 +16,7 @@ class SecurityLabelsCatalogParserTest : public CppUnit::TestFixture
{
CPPUNIT_TEST_SUITE(SecurityLabelsCatalogParserTest);
CPPUNIT_TEST(testParse);
+ CPPUNIT_TEST(testParseInvalidInput);
CPPUNIT_TEST_SUITE_END();
public:
@@ -46,6 +47,7 @@ class SecurityLabelsCatalogParserTest : public CppUnit::TestFixture
CPPUNIT_ASSERT_EQUAL(std::string("an example set of labels"), payload->getDescription());
CPPUNIT_ASSERT_EQUAL(JID("example.com"), payload->getTo());
CPPUNIT_ASSERT_EQUAL(3, static_cast<int>(payload->getItems().size()));
+
CPPUNIT_ASSERT_EQUAL(std::string("SECRET"), payload->getItems()[0].getLabel()->getDisplayMarking());
CPPUNIT_ASSERT_EQUAL(std::string("<esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQYCAQQGASk=</esssecuritylabel>"), payload->getItems()[0].getLabel()->getLabel());
CPPUNIT_ASSERT_EQUAL(false, payload->getItems()[0].getIsDefault());
@@ -58,6 +60,61 @@ class SecurityLabelsCatalogParserTest : public CppUnit::TestFixture
CPPUNIT_ASSERT_EQUAL(std::string("Unclassified|UNCLASSIFIED"), payload->getItems()[2].getSelector());
CPPUNIT_ASSERT(!payload->getItems()[2].getLabel());
}
+
+ void testParseInvalidInput() {
+ PayloadsParserTester parser;
+
+ CPPUNIT_ASSERT(parser.parse(
+ "<catalog desc=\"an example set of labels\" name=\"Default\" to=\"example.com\" xmlns=\"urn:xmpp:sec-label:catalog:2\">"
+ "<item selector='Classified|INVALID-SECRET' xmlns=\"\">"
+ "<securitylabel xmlns=\"urn:xmpp:sec-label:0\">"
+ "<displaymarking bgcolor=\"red\" fgcolor=\"black\">INVALID-SECRET</displaymarking>"
+ "<label><esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQYCAQQGASk=</esssecuritylabel></label>"
+ "</securitylabel>"
+ "</item>"
+ "<item selector='Classified|INVALID-TOPSECRET' xmlns=\"urn:xmpp:sec-label:catalog:invalid:2\">"
+ "<securitylabel xmlns=\"urn:xmpp:sec-label:0\">"
+ "<displaymarking bgcolor=\"red\" fgcolor=\"black\">INVALID-TOPSECRET</displaymarking>"
+ "<label><esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQYCAQQGASk=</esssecuritylabel></label>"
+ "</securitylabel>"
+ "</item>"
+ "<item selector='Classified|CONFIDENTIAL' default='true' xmlns=\"urn:xmpp:sec-label:catalog:2\">"
+ "<securitylabel xmlns=\"urn:xmpp:sec-label:0\">"
+ "<displaymarking bgcolor=\"navy\" fgcolor=\"black\">CONFIDENTIAL</displaymarking>"
+ "<label><esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQMGASk=</esssecuritylabel></label>"
+ "</securitylabel>"
+ "</item>"
+ "<item selector='Classified|INVALID-LABEL'>"
+ "<securitylabel xmlns=\"\">"
+ "<displaymarking bgcolor=\"yellow\" fgcolor=\"black\">INVALID</displaymarking>"
+ "<label><esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQYCAQQGASk=</esssecuritylabel></label>"
+ "</securitylabel>"
+ "</item>"
+ "<item selector='Unclassified|UNCLASSIFIED'/>"
+ "</catalog>"));
+
+ SecurityLabelsCatalog* payload = dynamic_cast<SecurityLabelsCatalog*>(parser.getPayload().get());
+ CPPUNIT_ASSERT_EQUAL(std::string("Default"), payload->getName());
+ CPPUNIT_ASSERT_EQUAL(std::string("an example set of labels"), payload->getDescription());
+ CPPUNIT_ASSERT_EQUAL(JID("example.com"), payload->getTo());
+ CPPUNIT_ASSERT_EQUAL(3, static_cast<int>(payload->getItems().size()));
+
+ CPPUNIT_ASSERT(payload->getItems()[0].getLabel());
+ if (payload->getItems()[0].getLabel()) {
+ CPPUNIT_ASSERT_EQUAL(std::string("CONFIDENTIAL"), payload->getItems()[0].getLabel()->getDisplayMarking());
+ CPPUNIT_ASSERT_EQUAL(std::string("<esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQMGASk=</esssecuritylabel>"), payload->getItems()[0].getLabel()->getLabel());
+ CPPUNIT_ASSERT_EQUAL(true, payload->getItems()[0].getIsDefault());
+ CPPUNIT_ASSERT_EQUAL(std::string("Classified|CONFIDENTIAL"), payload->getItems()[0].getSelector());
+ }
+ //The label is invalid, but the rest of the item entry should be there.
+ CPPUNIT_ASSERT(!payload->getItems()[1].getLabel());
+ CPPUNIT_ASSERT_EQUAL(false, payload->getItems()[1].getIsDefault());
+ CPPUNIT_ASSERT_EQUAL(std::string("Classified|INVALID-LABEL"), payload->getItems()[1].getSelector());
+ CPPUNIT_ASSERT_EQUAL(false, payload->getItems()[2].getIsDefault());
+ CPPUNIT_ASSERT_EQUAL(std::string("Unclassified|UNCLASSIFIED"), payload->getItems()[2].getSelector());
+ CPPUNIT_ASSERT(!payload->getItems()[2].getLabel());
+ }
+
};
CPPUNIT_TEST_SUITE_REGISTRATION(SecurityLabelsCatalogParserTest);