mirror of
https://github.com/tahoe-lafs/tahoe-lafs.git
synced 2024-12-23 23:02:25 +00:00
Validate another edge case of bad storage index.
This commit is contained in:
parent
4efa65d3db
commit
87ab56426a
@ -18,12 +18,13 @@ else:
|
||||
|
||||
from functools import wraps
|
||||
from base64 import b64decode
|
||||
import binascii
|
||||
|
||||
from klein import Klein
|
||||
from twisted.web import http
|
||||
import attr
|
||||
from werkzeug.http import parse_range_header, parse_content_range_header
|
||||
from werkzeug.routing import BaseConverter
|
||||
from werkzeug.routing import BaseConverter, ValidationError
|
||||
from werkzeug.datastructures import ContentRange
|
||||
|
||||
# TODO Make sure to use pure Python versions?
|
||||
@ -148,7 +149,10 @@ class StorageIndexConverter(BaseConverter):
|
||||
regex = "[" + str(rfc3548_alphabet, "ascii") + "]{26}"
|
||||
|
||||
def to_python(self, value):
|
||||
return si_a2b(value.encode("ascii"))
|
||||
try:
|
||||
return si_a2b(value.encode("ascii"))
|
||||
except (AssertionError, binascii.Error, ValueError):
|
||||
raise ValidationError("Invalid storage index")
|
||||
|
||||
|
||||
class HTTPServer(object):
|
||||
|
@ -191,10 +191,15 @@ class RouteConverterTests(SyncTestCase):
|
||||
self.adapter.match("/{}/".format("a" * 25), method="GET")
|
||||
|
||||
def test_bad_characters_storage_index_is_not_parsed(self):
|
||||
"""An overly short storage_index string is not parsed."""
|
||||
"""A storage_index string with bad characters is not parsed."""
|
||||
with self.assertRaises(WNotFound):
|
||||
self.adapter.match("/{}_/".format("a" * 25), method="GET")
|
||||
|
||||
def test_invalid_storage_index_is_not_parsed(self):
|
||||
"""An invalid storage_index string is not parsed."""
|
||||
with self.assertRaises(WNotFound):
|
||||
self.adapter.match("/nomd2a65ylxjbqzsw7gcfh4ivr/", method="GET")
|
||||
|
||||
|
||||
# TODO should be actual swissnum
|
||||
SWISSNUM_FOR_TEST = b"abcd"
|
||||
|
Loading…
Reference in New Issue
Block a user