Ensure validations account for trailing newlines
The regex's used for validation allowed "\n" terminated strings to pass, allowing invalid data through. Change-Id: Iae4c40ffab9951280bb6d67c2a7cb779dc7ddf0f Closes-Bug: 1471158
This commit is contained in:
Kiall Mac Innes
parent
2612d4875c
commit
09d65fddf1
|
|
@ -24,12 +24,19 @@ from designate.openstack.common import log as logging
|
|||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
RE_DOMAINNAME = r'^(?!.{255,})(?:(?!\-)[A-Za-z0-9_\-]{1,63}(?<!\-)\.)+$'
|
||||
RE_HOSTNAME = r'^(?!.{255,})(?:(^\*|(?!\-)[A-Za-z0-9_\-]{1,63})(?<!\-)\.)+$'
|
||||
# NOTE(kiall): All of the below regular expressions are termined with
|
||||
# "(?![\n])$", rather than simply "$" to ensure a string with a
|
||||
# trailing newline is NOT matched. See bug #1471158. Annoyingly,
|
||||
# Python's re module has no equilivant to PCRE_DOLLAR_ENDONLY, so
|
||||
# we do it by hand instead.
|
||||
|
||||
RE_DOMAINNAME = r'^(?!.{255,})(?:(?!\-)[A-Za-z0-9_\-]{1,63}(?<!\-)\.)+\Z'
|
||||
RE_HOSTNAME = r'^(?!.{255,})(?:(?:^\*|(?!\-)[A-Za-z0-9_\-]{1,63})(?<!\-)\.)+\Z'
|
||||
|
||||
# The TLD name will not end in a period.
|
||||
RE_TLDNAME = r'^(?!.{255,})(?:(?!\-)[A-Za-z0-9_\-]{1,63}(?<!\-))' \
|
||||
r'(\.(?:(?!\-)[A-Za-z0-9_\-]{1,63}(?<!\-)))*$'
|
||||
r'(?:\.(?:(?!\-)[A-Za-z0-9_\-]{1,63}(?<!\-)))*\Z'
|
||||
|
||||
|
||||
draft3_format_checker = jsonschema.draft3_format_checker
|
||||
draft4_format_checker = jsonschema.draft4_format_checker
|
||||
|
|
|
|||
|
|
@ -45,6 +45,8 @@ class SchemaFormatTest(TestCase):
|
|||
'ABCDEF',
|
||||
'ABC/DEF',
|
||||
'ABC\\DEF',
|
||||
# Trailing newline - Bug 1471158
|
||||
"127.0.0.1\n",
|
||||
]
|
||||
|
||||
for ipaddress in valid_ipaddresses:
|
||||
|
|
@ -53,6 +55,29 @@ class SchemaFormatTest(TestCase):
|
|||
for ipaddress in invalid_ipaddresses:
|
||||
self.assertFalse(format.is_ipv4(ipaddress))
|
||||
|
||||
def test_is_ipv6(self):
|
||||
valid_ipaddresses = [
|
||||
'2001:db8::0',
|
||||
'2001:0db8:85a3:0000:0000:8a2e:0370:7334',
|
||||
'2001:db8:85a3:0000:0000:8a2e:0370:7334',
|
||||
'2001:db8:85a3::8a2e:0370:7334',
|
||||
]
|
||||
|
||||
invalid_ipaddresses = [
|
||||
# Invalid characters
|
||||
'hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh'
|
||||
# Trailing newline - Bug 1471158
|
||||
"2001:db8::0\n",
|
||||
]
|
||||
|
||||
for ipaddress in valid_ipaddresses:
|
||||
self.assertTrue(format.is_ipv6(ipaddress),
|
||||
'Expected Valid: %s' % ipaddress)
|
||||
|
||||
for ipaddress in invalid_ipaddresses:
|
||||
self.assertFalse(format.is_ipv6(ipaddress),
|
||||
'Expected Invalid: %s' % ipaddress)
|
||||
|
||||
def test_is_hostname(self):
|
||||
valid_hostnames = [
|
||||
'example.com.',
|
||||
|
|
@ -112,6 +137,8 @@ class SchemaFormatTest(TestCase):
|
|||
'-abc-.',
|
||||
'abc.-def-.',
|
||||
'abc.-def-.ghi.',
|
||||
# Trailing newline - Bug 1471158
|
||||
"www.example.com.\n",
|
||||
]
|
||||
|
||||
for hostname in valid_hostnames:
|
||||
|
|
@ -182,6 +209,8 @@ class SchemaFormatTest(TestCase):
|
|||
'-abc-.',
|
||||
'abc.-def-.',
|
||||
'abc.-def-.ghi.',
|
||||
# Trailing newline - Bug 1471158
|
||||
"example.com.\n",
|
||||
]
|
||||
|
||||
for domainname in valid_domainnames:
|
||||
|
|
@ -190,6 +219,30 @@ class SchemaFormatTest(TestCase):
|
|||
for domainname in invalid_domainnames:
|
||||
self.assertFalse(format.is_domainname(domainname))
|
||||
|
||||
def test_is_tldname(self):
|
||||
valid_tldnames = [
|
||||
'com',
|
||||
'net',
|
||||
'org',
|
||||
'co.uk',
|
||||
]
|
||||
|
||||
invalid_tldnames = [
|
||||
# Invalid Formats
|
||||
'com.',
|
||||
'.com',
|
||||
# Trailing newline - Bug 1471158
|
||||
"com\n",
|
||||
]
|
||||
|
||||
for tldname in valid_tldnames:
|
||||
self.assertTrue(format.is_tldname(tldname),
|
||||
'Expected Valid: %s' % tldname)
|
||||
|
||||
for tldname in invalid_tldnames:
|
||||
self.assertFalse(format.is_tldname(tldname),
|
||||
'Expected Invalid: %s' % tldname)
|
||||
|
||||
def test_is_email(self):
|
||||
valid_emails = [
|
||||
'user@example.com',
|
||||
|
|
|
|||
Loading…
Reference in New Issue