From: Lucas Di Pentima Date: Fri, 18 Jan 2019 23:24:43 +0000 (-0300) Subject: 14482: Stricter token regexes. X-Git-Tag: 1.4.0~172^2 X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/9363a29fadbb1af352652e639f2c4cdfd1336d4d 14482: Stricter token regexes. Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima --- diff --git a/sdk/ruby/lib/arvados/keep.rb b/sdk/ruby/lib/arvados/keep.rb index 782b274b0a..458af53a74 100644 --- a/sdk/ruby/lib/arvados/keep.rb +++ b/sdk/ruby/lib/arvados/keep.rb @@ -101,11 +101,11 @@ module Keep end class Manifest - STREAM_TOKEN_REGEXP = /^[^\000-\040]+$/ + STREAM_TOKEN_REGEXP = /^([^\000-\040\\]|\\[0-3][0-7][0-7])+$/ STREAM_NAME_REGEXP = /^(\.)(\/[^\/]+)*$/ EMPTY_DIR_TOKEN_REGEXP = /^0:0:\.$/ # The exception when a file can have '.' as a name - FILE_TOKEN_REGEXP = /^[[:digit:]]+:[[:digit:]]+:[^\000-\040]+$/ + FILE_TOKEN_REGEXP = /^[[:digit:]]+:[[:digit:]]+:([^\000-\040\\]|\\[0-3][0-7][0-7])+$/ FILE_NAME_REGEXP = /^[[:digit:]]+:[[:digit:]]+:([^\/]+(\/[^\/]+)*)$/ NON_8BIT_ENCODED_CHAR = /[^\\]\\[4-7][0-7][0-7]/ diff --git a/sdk/ruby/test/test_keep_manifest.rb b/sdk/ruby/test/test_keep_manifest.rb index 813b3ed82b..eee8b39699 100644 --- a/sdk/ruby/test/test_keep_manifest.rb +++ b/sdk/ruby/test/test_keep_manifest.rb @@ -451,7 +451,8 @@ class ManifestTest < Minitest::Test [true, ".\\057Data d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n"], [true, "\\056\\057Data d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n"], [true, "./\\134444 d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n"], - [true, "./\\\\444 d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n"], + [false, "./\\\\444 d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n", + "Manifest invalid for stream 1: missing or invalid stream name \"./\\\\\\\\444\""], [true, "./\\011foo d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n"], [false, "./\\011/.. d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n", "Manifest invalid for stream 1: missing or invalid stream name \"./\\\\011/..\""], @@ -465,6 +466,22 @@ class ManifestTest < Minitest::Test "Manifest invalid for stream 1: >8-bit encoded chars not allowed on stream token \"./\\\\444\""], [false, "./\tfoo d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n", "Manifest invalid for stream 1: missing or invalid stream name \"./\\tfoo\""], + [false, "./foo\\ d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n", + "Manifest invalid for stream 1: missing or invalid stream name \"./foo\\\\\""], + [false, "./foo\\r d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n", + "Manifest invalid for stream 1: missing or invalid stream name \"./foo\\\\r\""], + [false, "./foo\\444 d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n", + "Manifest invalid for stream 1: >8-bit encoded chars not allowed on stream token \"./foo\\\\444\""], + [false, "./foo\\888 d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n", + "Manifest invalid for stream 1: missing or invalid stream name \"./foo\\\\888\""], + [false, ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\\\n", + "Manifest invalid for stream 1: invalid file token \"0:0:foo\\\\\""], + [false, ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\\r\n", + "Manifest invalid for stream 1: invalid file token \"0:0:foo\\\\r\""], + [false, ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\\444\n", + "Manifest invalid for stream 1: >8-bit encoded chars not allowed on file token \"0:0:foo\\\\444\""], + [false, ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\\888\n", + "Manifest invalid for stream 1: invalid file token \"0:0:foo\\\\888\""], [false, ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\\057/bar\n", "Manifest invalid for stream 1: invalid file token \"0:0:foo\\\\057/bar\""], [false, ".\\057/Data d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n",