HPCC-32041 WsStore support invalid IPT paths #18763
Jira Issue: https://hpccsystems.atlassian.net//browse/HPCC-32041 Jirabot Action Result: |
I am not sure that it is necessary to encode the namespaces - they are explicitly under our control, and it would always report an error if an application had used an invalid value. We should be encoding the key though - as you have.
I would also look at using encodePTreeNameUtf8Char to encode the user name. It would need a slight modification to also encode an at at the start of the string (would be simple to implement by passing in first as a parameter and a little care inside the function)
The namespaces are provided by the caller, we're not likely going to encounter issues, but we might as well sanitize all user input. Also, I need to decode the key names in a couple of the wsstore methods as well...
d1a442f
to
52f90db
corresponding junit tests: hpcc-systems/hpcc4j#717
I would be inclined to merge (with a fix for encoding ns) and ignore the problem of user names starting with an @
This file would benefit from a future PR that commoned up duplicate code. It would reduce the size and make changes like this easier to review.
|
||
xpath.appendf("/%s/%s", ns, key); | ||
xpath.appendf("/%s/%s", ns, encodedKey.str()); |
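Review bot: `ns` is still passed raw to `xpath.appendf("/%s/%s", ...)` while the key now goes in as `encodedKey.str()`, so one of the two caller-supplied components on this line can still carry characters that are not valid in a path. Encode the namespace into its own buffer and append that, matching the treatment of the key.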
name space not encoded.
@rpastrana this is waiting for you - one case of a namespace not being encoded (so it could be inconsistent)
Thanks. This is on my radar. How important is the leading '@' problem you mentioned? That fix involves heavily used logic and will take longer to test.
UPDATE, just noticed your comment on this matter...
Updated test case: hpcc-systems/hpcc4j#717
Missed another case.
@@ -189,34 +213,42 @@ bool CDALIKVStore::fetchKeyProperty(StringBuffer & propval , const char * storen | |||
if (isEmptyString(storename)) | |||
throw MakeStringException(-1, "DALI Keystore fetchKeyProperty(): Store name not provided"); | |||
|
|||
StringBuffer encodedStoreName; | |||
encodePTreeName(encodedStoreName, storename); |
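Review bot: `encodedStoreName` is populated here but the lines shown never read it, so it is worth confirming that every xpath built later in `fetchKeyProperty` appends `encodedStoreName.str()` and not `storename`. Declaring and encoding it immediately before that use would make a missed substitution obvious.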
This isn't being used in line 230
@ghalliday good catch. Fixed, took another look and hopefully didn't miss any others.
@rpastrana unfortunately a couple of further issues.
One general comment - not to be addressed in this PR - is that the code would be clearer if the code to encode the values was adjacent to the code that used it.
for (unsigned i = 0; i < keys.length(); i++) | ||
{ | ||
StringBuffer decoded; | ||
decodePtreeName(decoded, keys.item(i)); |
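Review bot: Decoding `keys.item(i)` in this loop is only right if the call that filled `keys` hands back names in their stored, encoded form, and nothing in these lines establishes that. State in the producing function's contract whether it returns encoded or decoded names, and decode in exactly one of the two places.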
These have already been decoded within the function - so they will currently be decoded twice. That could potentially cause problems with some pathological key names.
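The double-decode problem raised in the comment above, shown with a toy escape scheme (added example, not code from this PR or from HPCC; `encodeName`, `decodeName`, `buildPath` and the `_HH` encoding are assumptions and do not reproduce `encodePTreeName`):

```cpp
#include <cctype>
#include <iostream>
#include <string>

// Toy scheme (assumed for illustration, not HPCC's): alphanumerics pass
// through; any other byte, '_' included, becomes '_' plus two hex digits.
std::string encodeName(const std::string &in) {
    static const char hex[] = "0123456789ABCDEF";
    std::string out;
    for (unsigned char c : in) {
        if (std::isalnum(c)) { out += static_cast<char>(c); continue; }
        out += '_';
        out += hex[c >> 4];
        out += hex[c & 0x0F];
    }
    return out;
}

static int hexVal(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1; // the encoder only emits upper-case hex
}

std::string decodeName(const std::string &in) {
    std::string out;
    for (size_t i = 0; i < in.size(); i++) {
        int hi = -1, lo = -1;
        if (in[i] == '_' && i + 2 < in.size()) {
            hi = hexVal(in[i + 1]);
            lo = hexVal(in[i + 2]);
        }
        if (hi >= 0 && lo >= 0) { out += static_cast<char>(hi * 16 + lo); i += 2; }
        else out += in[i];
    }
    return out;
}

// Every caller-supplied component is encoded before it joins the path.
std::string buildPath(const std::string &ns, const std::string &key) {
    return "/" + encodeName(ns) + "/" + encodeName(key);
}

int main() {
    const std::string key = "a_2Fb"; // constructed key that looks like an escape
    const std::string once = decodeName(encodeName(key)); // "a_2Fb"
    std::cout << buildPath("ns1", "x/y") << "\n"          // /ns1/x_2Fy
              << once << " vs " << decodeName(once) << "\n"; // a_2Fb vs a/b
}
```

A single decode round-trips the key; the second decode turns it into `a/b`, which is also the decoded form of a different stored key.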
kvpair->setKey(attributes->queryName()); | ||
//it's possible this has been encoded, so decode it | ||
StringBuffer decoded; | ||
decodePtreeName(decoded, attributes->queryName()); |
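Review bot: The added comment says it is only "possible" that the name was encoded, so `decodePtreeName` is being applied to `attributes->queryName()` without knowing whether a matching encode happened on write. Decode only names that the write path is known to encode, and drop the call and the comment for attribute names that are stored as-is.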
The attribute names have not been encoded - so there should not be matching code to decode them.
The IPT attributes iterator contains all keys under a particular namespace branch, those keys would have been encoded in the set method. I believe decoding is necessary here.
When I read the code it looked like the attributes would be things like DALI_KVSTORE_CREATEDTIME_ATT which have not been encoded (and are also not user specified).
@rpastrana you haven't responded to this comment. I can merge as-is because the decoding will have no effect, but I also don't think it is ever necessary.
no need to decode. Will revert
StringBuffer decoded; | ||
decodePtreeName(decoded, name.str()); | ||
|
||
kvpair->setKey(decoded.str()); |
observation: Not worth changing - but this breaks the encapsulation - the fact that the keys are encoded shouldn't really need to be known by the calling code.
agreed, I do wish the encoding decoding could have been hidden from the client (ws_store) in this case.
No longer re-decoding.
Added new junit test. Results:
@rpastrana I think there is still some unnecessary decoding of attribute names, but I would merge as is since it has no ill effect (just confusing because not needed).
Please squash.
- Encodes all user provided IPT path components
- Decodes all IPT paths provided to user

Signed-off-by: Rodrigo Pastrana <rodrigo.pastrana@lexisnexisrisk.com>
e1e785d
to
a55eb1c