diff options
author | Marc Strapetz <marc.strapetz@syntevo.com> | 2010-03-23 09:21:18 +0100 |
---|---|---|
committer | Marc Strapetz <marc.strapetz@syntevo.com> | 2010-03-23 09:21:18 +0100 |
commit | 2b6c555aee869b7ef01c5953a143ca18583af182 (patch) | |
tree | e09f38dc6db5c62aff791ef9c2d525e32f1aeb95 | |
parent | c80181c7379a3564df02503441c563b10a855808 (diff) | |
download | jgit-2b6c555aee869b7ef01c5953a143ca18583af182.tar.gz jgit-2b6c555aee869b7ef01c5953a143ca18583af182.zip |
Make parsing of PersonIdent from raw byte array fault-tolerant.
RawParseUtils.parsePersonIdent handles now those invalid byte sequences
which would result in IndexOutOfBoundsException and returns null in this
case.
-rw-r--r-- | org.eclipse.jgit.test/tst/org/eclipse/jgit/util/RawParseUtils_ParsePersonIdentTest.java | 100 | ||||
-rw-r--r-- | org.eclipse.jgit/src/org/eclipse/jgit/util/RawParseUtils.java | 14 |
2 files changed, 113 insertions, 1 deletions
diff --git a/org.eclipse.jgit.test/tst/org/eclipse/jgit/util/RawParseUtils_ParsePersonIdentTest.java b/org.eclipse.jgit.test/tst/org/eclipse/jgit/util/RawParseUtils_ParsePersonIdentTest.java new file mode 100644 index 0000000000..2981e31c13 --- /dev/null +++ b/org.eclipse.jgit.test/tst/org/eclipse/jgit/util/RawParseUtils_ParsePersonIdentTest.java @@ -0,0 +1,100 @@ +/* + * Copyright (C) 2010, Marc Strapetz <marc.strapetz@syntevo.com> + * and other copyright owners as documented in the project's IP log. + * + * This program and the accompanying materials are made available + * under the terms of the Eclipse Distribution License v1.0 which + * accompanies this distribution, is reproduced below, and is + * available at http://www.eclipse.org/org/documents/edl-v10.php + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * - Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * - Neither the name of the Eclipse Foundation, Inc. nor the + * names of its contributors may be used to endorse or promote + * products derived from this software without specific prior + * written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +package org.eclipse.jgit.util; + +import java.io.UnsupportedEncodingException; +import java.util.Date; +import java.util.TimeZone; + +import org.eclipse.jgit.lib.PersonIdent; + +import junit.framework.TestCase; + +public class RawParseUtils_ParsePersonIdentTest extends TestCase { + + public void testParsePersonIdent_legalCases() + throws UnsupportedEncodingException { + final Date when = new Date(1234567890000l); + final TimeZone tz = TimeZone.getTimeZone("GMT-7"); + + assertPersonIdent("Me <me@example.com> 1234567890 -0700", 0, + new PersonIdent("Me", "me@example.com", when, tz)); + + assertPersonIdent(" Me <me@example.com> 1234567890 -0700", 1, + new PersonIdent("Me", "me@example.com", when, tz)); + + assertPersonIdent("Me <> 1234567890 -0700", 0, new PersonIdent("Me", + "", when, tz)); + + assertPersonIdent(" <me@example.com> 1234567890 -0700", 0, + new PersonIdent("", "me@example.com", when, tz)); + + assertPersonIdent(" <> 1234567890 -0700", 0, new PersonIdent("", "", + when, tz)); + } + + public void testParsePersonIdent_malformedCases() + throws UnsupportedEncodingException { + assertPersonIdent("Me me@example.com> 1234567890 -0700", 0, null); + assertPersonIdent("Me <me@example.com 1234567890 -0700", 0, null); + + assertPersonIdent("<>", 0, null); + assertPersonIdent("<me@example.com>", 0, null); + assertPersonIdent(" <>", 0, null); + assertPersonIdent(" <me@example.com>", 0, null); + assertPersonIdent("Me <>", 0, null); + assertPersonIdent("Me <me@example.com>", 0, null); + + assertPersonIdent("Me <me@example.com> 1234567890", 0, null); + assertPersonIdent("<me@example.com> 1234567890 -0700", 0, null); + assertPersonIdent("<> 1234567890 -0700", 0, null); + } + + private void assertPersonIdent(String line, int nameB, PersonIdent expected) + throws UnsupportedEncodingException { + PersonIdent actual = RawParseUtils.parsePersonIdent(line + .getBytes("UTF-8"), nameB); + assertEquals(expected, actual); + } +} diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/util/RawParseUtils.java b/org.eclipse.jgit/src/org/eclipse/jgit/util/RawParseUtils.java index ca6188692c..6259f7cbec 100644 --- a/org.eclipse.jgit/src/org/eclipse/jgit/util/RawParseUtils.java +++ b/org.eclipse.jgit/src/org/eclipse/jgit/util/RawParseUtils.java @@ -673,14 +673,26 @@ public final class RawParseUtils { final Charset cs = parseEncoding(raw); final int emailB = nextLF(raw, nameB, '<'); final int emailE = nextLF(raw, emailB, '>'); + if (emailB <= nameB + 1 || // No name + emailB >= raw.length || // No email start + raw[emailB] == '\n' || + emailE >= raw.length - 1 || // No email end at all or no trailing date + raw[emailE] == '\n') { + return null; + } final String name = decode(cs, raw, nameB, emailB - 2); final String email = decode(cs, raw, emailB, emailE - 1); final MutableInteger ptrout = new MutableInteger(); final long when = parseLongBase10(raw, emailE + 1, ptrout); - final int tz = parseTimeZoneOffset(raw, ptrout.value); + final int whenE = ptrout.value; + if (whenE >= raw.length || // No trailing timezone + raw[whenE] == '\n') { + return null; + } + final int tz = parseTimeZoneOffset(raw, whenE); return new PersonIdent(name, email, when * 1000L, tz); } |