Swiftdiff options
| author | Thanos Doukoudakis <thanos.doukoudakis@isode.com> | 2017-06-13 14:41:00 (GMT) |
|---|---|---|
| committer | Kevin Smith <kevin.smith@isode.com> | 2017-06-22 11:48:32 (GMT) |
| commit | b634796ad03d009ec9ef593f6a881a964e7f0d31 (patch) | |
| tree | 47fceae6c96f56168568c90813ae8479d4cd6572 | |
| parent | 2416d8818afe449dc93b9f8a4e0e3ecaeba0509d (diff) | |
| download | swift-b634796ad03d009ec9ef593f6a881a964e7f0d31.zip swift-b634796ad03d009ec9ef593f6a881a964e7f0d31.tar.bz2 | |
Handle badly-formed labels catalogue
Updated the code to ignore labels that belong to a catalog item that is
malformed and not added as a valid item.
Test-Information:
Added unit tests for badly formed catalog items and labels.
Tested on Windows 10 (Qt 5.7.1) and Ubuntu 16.04 (Qt 5.5.1)
Change-Id: I11fbd3b54faa3ee225a08a87ad8ed59977b7ff20
| -rw-r--r-- | Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.cpp | 2 | ||||
| -rw-r--r-- | Swiften/Parser/PayloadParsers/UnitTest/SecurityLabelsCatalogParserTest.cpp | 57 |
2 files changed, 58 insertions, 1 deletions
diff --git a/Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.cpp b/Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.cpp index 1897080..58b0af0 100644 --- a/Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.cpp +++ b/Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.cpp @@ -7,61 +7,61 @@ #include <Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.h> #include <cassert> #include <memory> #include <Swiften/Parser/PayloadParsers/SecurityLabelParser.h> #include <Swiften/Parser/PayloadParsers/SecurityLabelParserFactory.h> namespace Swift { SecurityLabelsCatalogParser::SecurityLabelsCatalogParser() : level_(TopLevel), labelParser_(nullptr) { labelParserFactory_ = new SecurityLabelParserFactory(); } SecurityLabelsCatalogParser::~SecurityLabelsCatalogParser() { delete labelParserFactory_; } void SecurityLabelsCatalogParser::handleStartElement(const std::string& element, const std::string& ns, const AttributeMap& attributes) { ++level_; if (level_ == PayloadLevel) { getPayloadInternal()->setTo(JID(attributes.getAttribute("to"))); getPayloadInternal()->setName(attributes.getAttribute("name")); getPayloadInternal()->setDescription(attributes.getAttribute("desc")); } else if (level_ == ItemLevel && element == "item" && ns == "urn:xmpp:sec-label:catalog:2") { currentItem_ = std::make_shared<SecurityLabelsCatalog::Item>(); currentItem_->setSelector(attributes.getAttribute("selector")); currentItem_->setIsDefault(attributes.getBoolAttribute("default", false)); } - else if (level_ == LabelLevel) { + else if (level_ == LabelLevel && currentItem_) { assert(!labelParser_); if (labelParserFactory_->canParse(element, ns, attributes)) { labelParser_ = dynamic_cast<SecurityLabelParser*>(labelParserFactory_->createPayloadParser()); assert(labelParser_); } } if (labelParser_) { labelParser_->handleStartElement(element, ns, attributes); } } void SecurityLabelsCatalogParser::handleEndElement(const std::string& element, const std::string& ns) { if (labelParser_) { labelParser_->handleEndElement(element, ns); } if (level_ == LabelLevel && labelParser_ && currentItem_) { std::shared_ptr<SecurityLabel> currentLabel = labelParser_->getLabelPayload(); assert(currentLabel); currentItem_->setLabel(currentLabel); delete labelParser_; labelParser_ = nullptr; } else if (level_ == ItemLevel && element == "item" && ns == "urn:xmpp:sec-label:catalog:2") { if (currentItem_) { getPayloadInternal()->addItem(SecurityLabelsCatalog::Item(*currentItem_)); currentItem_.reset(); } } --level_; diff --git a/Swiften/Parser/PayloadParsers/UnitTest/SecurityLabelsCatalogParserTest.cpp b/Swiften/Parser/PayloadParsers/UnitTest/SecurityLabelsCatalogParserTest.cpp index 2b992b1..ee7668c 100644 --- a/Swiften/Parser/PayloadParsers/UnitTest/SecurityLabelsCatalogParserTest.cpp +++ b/Swiften/Parser/PayloadParsers/UnitTest/SecurityLabelsCatalogParserTest.cpp @@ -1,63 +1,120 @@ /* * Copyright (c) 2010 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ #include <cppunit/extensions/HelperMacros.h> #include <cppunit/extensions/TestFactoryRegistry.h> #include <Swiften/Parser/PayloadParsers/SecurityLabelsCatalogParser.h> #include <Swiften/Parser/PayloadParsers/UnitTest/PayloadsParserTester.h> using namespace Swift; class SecurityLabelsCatalogParserTest : public CppUnit::TestFixture { CPPUNIT_TEST_SUITE(SecurityLabelsCatalogParserTest); CPPUNIT_TEST(testParse); + CPPUNIT_TEST(testParseInvalidInput); CPPUNIT_TEST_SUITE_END(); public: SecurityLabelsCatalogParserTest() {} void testParse() { PayloadsParserTester parser; CPPUNIT_ASSERT(parser.parse( "<catalog desc=\"an example set of labels\" name=\"Default\" to=\"example.com\" xmlns=\"urn:xmpp:sec-label:catalog:2\">" "<item selector='Classified|SECRET'>" "<securitylabel xmlns=\"urn:xmpp:sec-label:0\">" "<displaymarking bgcolor=\"red\" fgcolor=\"black\">SECRET</displaymarking>" "<label><esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQYCAQQGASk=</esssecuritylabel></label>" "</securitylabel>" "</item>" "<item selector='Classified|CONFIDENTIAL' default='true'>" "<securitylabel xmlns=\"urn:xmpp:sec-label:0\">" "<displaymarking bgcolor=\"navy\" fgcolor=\"black\">CONFIDENTIAL</displaymarking>" "<label><esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQMGASk=</esssecuritylabel></label>" "</securitylabel>" "</item>" "<item selector='Unclassified|UNCLASSIFIED'/>" "</catalog>")); SecurityLabelsCatalog* payload = dynamic_cast<SecurityLabelsCatalog*>(parser.getPayload().get()); CPPUNIT_ASSERT_EQUAL(std::string("Default"), payload->getName()); CPPUNIT_ASSERT_EQUAL(std::string("an example set of labels"), payload->getDescription()); CPPUNIT_ASSERT_EQUAL(JID("example.com"), payload->getTo()); CPPUNIT_ASSERT_EQUAL(3, static_cast<int>(payload->getItems().size())); + CPPUNIT_ASSERT_EQUAL(std::string("SECRET"), payload->getItems()[0].getLabel()->getDisplayMarking()); CPPUNIT_ASSERT_EQUAL(std::string("<esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQYCAQQGASk=</esssecuritylabel>"), payload->getItems()[0].getLabel()->getLabel()); CPPUNIT_ASSERT_EQUAL(false, payload->getItems()[0].getIsDefault()); CPPUNIT_ASSERT_EQUAL(std::string("Classified|SECRET"), payload->getItems()[0].getSelector()); CPPUNIT_ASSERT_EQUAL(std::string("CONFIDENTIAL"), payload->getItems()[1].getLabel()->getDisplayMarking()); CPPUNIT_ASSERT_EQUAL(std::string("<esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQMGASk=</esssecuritylabel>"), payload->getItems()[1].getLabel()->getLabel()); CPPUNIT_ASSERT_EQUAL(true, payload->getItems()[1].getIsDefault()); CPPUNIT_ASSERT_EQUAL(std::string("Classified|CONFIDENTIAL"), payload->getItems()[1].getSelector()); CPPUNIT_ASSERT_EQUAL(false, payload->getItems()[2].getIsDefault()); CPPUNIT_ASSERT_EQUAL(std::string("Unclassified|UNCLASSIFIED"), payload->getItems()[2].getSelector()); CPPUNIT_ASSERT(!payload->getItems()[2].getLabel()); } + + void testParseInvalidInput() { + PayloadsParserTester parser; + + CPPUNIT_ASSERT(parser.parse( + "<catalog desc=\"an example set of labels\" name=\"Default\" to=\"example.com\" xmlns=\"urn:xmpp:sec-label:catalog:2\">" + "<item selector='Classified|INVALID-SECRET' xmlns=\"\">" + "<securitylabel xmlns=\"urn:xmpp:sec-label:0\">" + "<displaymarking bgcolor=\"red\" fgcolor=\"black\">INVALID-SECRET</displaymarking>" + "<label><esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQYCAQQGASk=</esssecuritylabel></label>" + "</securitylabel>" + "</item>" + "<item selector='Classified|INVALID-TOPSECRET' xmlns=\"urn:xmpp:sec-label:catalog:invalid:2\">" + "<securitylabel xmlns=\"urn:xmpp:sec-label:0\">" + "<displaymarking bgcolor=\"red\" fgcolor=\"black\">INVALID-TOPSECRET</displaymarking>" + "<label><esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQYCAQQGASk=</esssecuritylabel></label>" + "</securitylabel>" + "</item>" + "<item selector='Classified|CONFIDENTIAL' default='true' xmlns=\"urn:xmpp:sec-label:catalog:2\">" + "<securitylabel xmlns=\"urn:xmpp:sec-label:0\">" + "<displaymarking bgcolor=\"navy\" fgcolor=\"black\">CONFIDENTIAL</displaymarking>" + "<label><esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQMGASk=</esssecuritylabel></label>" + "</securitylabel>" + "</item>" + "<item selector='Classified|INVALID-LABEL'>" + "<securitylabel xmlns=\"\">" + "<displaymarking bgcolor=\"yellow\" fgcolor=\"black\">INVALID</displaymarking>" + "<label><esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQYCAQQGASk=</esssecuritylabel></label>" + "</securitylabel>" + "</item>" + "<item selector='Unclassified|UNCLASSIFIED'/>" + "</catalog>")); + + SecurityLabelsCatalog* payload = dynamic_cast<SecurityLabelsCatalog*>(parser.getPayload().get()); + CPPUNIT_ASSERT_EQUAL(std::string("Default"), payload->getName()); + CPPUNIT_ASSERT_EQUAL(std::string("an example set of labels"), payload->getDescription()); + CPPUNIT_ASSERT_EQUAL(JID("example.com"), payload->getTo()); + CPPUNIT_ASSERT_EQUAL(3, static_cast<int>(payload->getItems().size())); + + CPPUNIT_ASSERT(payload->getItems()[0].getLabel()); + if (payload->getItems()[0].getLabel()) { + CPPUNIT_ASSERT_EQUAL(std::string("CONFIDENTIAL"), payload->getItems()[0].getLabel()->getDisplayMarking()); + CPPUNIT_ASSERT_EQUAL(std::string("<esssecuritylabel xmlns=\"urn:xmpp:sec-label:ess:0\">MQMGASk=</esssecuritylabel>"), payload->getItems()[0].getLabel()->getLabel()); + CPPUNIT_ASSERT_EQUAL(true, payload->getItems()[0].getIsDefault()); + CPPUNIT_ASSERT_EQUAL(std::string("Classified|CONFIDENTIAL"), payload->getItems()[0].getSelector()); + } + //The label is invalid, but the rest of the item entry should be there. + CPPUNIT_ASSERT(!payload->getItems()[1].getLabel()); + CPPUNIT_ASSERT_EQUAL(false, payload->getItems()[1].getIsDefault()); + CPPUNIT_ASSERT_EQUAL(std::string("Classified|INVALID-LABEL"), payload->getItems()[1].getSelector()); + CPPUNIT_ASSERT_EQUAL(false, payload->getItems()[2].getIsDefault()); + CPPUNIT_ASSERT_EQUAL(std::string("Unclassified|UNCLASSIFIED"), payload->getItems()[2].getSelector()); + CPPUNIT_ASSERT(!payload->getItems()[2].getLabel()); + } + }; CPPUNIT_TEST_SUITE_REGISTRATION(SecurityLabelsCatalogParserTest); |