Enhance sainity checks for fields in commit and fs objects.

haiwen · Nov 11, 2015 · 85b1639 · 85b1639
1 parent 75e0b70
commit 85b1639
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 18 deletions.
diff --git a/common/commit-mgr.c b/common/commit-mgr.c
@@ -680,7 +680,11 @@ commit_from_json_object (const char *commit_id, json_t *object)
     second_parent_id = json_object_get_string_or_null_member (object, "second_parent_id");
 
     repo_name = json_object_get_string_member (object, "repo_name");
+    if (!repo_name)
+        repo_name = "";
     repo_desc = json_object_get_string_member (object, "repo_desc");
+    if (!repo_desc)
+        repo_desc = "";
     repo_category = json_object_get_string_or_null_member (object, "repo_category");
     if (json_object_has_member (object, "encrypted"))
         encrypted = json_object_get_string_or_null_member (object, "encrypted");
@@ -710,12 +714,12 @@ commit_from_json_object (const char *commit_id, json_t *object)
 
 
     /* sanity check for incoming values. */
-    if (!repo_id || strlen(repo_id) != 36 ||
-        !root_id || strlen(root_id) != 40 ||
+    if (!repo_id || !is_uuid_valid(repo_id)  ||
+        !root_id || !is_object_id_valid(root_id) ||
         !creator || strlen(creator) != 40 ||
-        (parent_id && strlen(parent_id) != 40) ||
-        (second_parent_id && strlen(second_parent_id) != 40) ||
-        (enc_version >= 1 && magic == NULL))
+        !creator_name ||
+        (parent_id && !is_object_id_valid(parent_id)) ||
+        (second_parent_id && !is_object_id_valid(second_parent_id)))
         return commit;
 
     switch (enc_version) {
@@ -738,7 +742,7 @@ commit_from_json_object (const char *commit_id, json_t *object)
 
     char *creator_name_l = g_ascii_strdown (creator_name, -1);
     commit = seaf_commit_new (commit_id, repo_id, root_id,
-                              creator_name, creator, desc, ctime);
+                              creator_name_l, creator, desc, ctime);
     g_free (creator_name_l);
 
     commit->parent_id = parent_id ? g_strdup(parent_id) : NULL;

diff --git a/common/fs-mgr.c b/common/fs-mgr.c
@@ -21,6 +21,7 @@
 #include "block-mgr.h"
 #include "utils.h"
 #include "seaf-utils.h"
+#define DEBUG_FLAG SEAFILE_DEBUG_OTHER
 #include "log.h"
 #include "../common/seafile-crypt.h"
 
@@ -1061,22 +1062,22 @@ seafile_from_json_object (const char *id, json_t *object)
     /* Sanity checks. */
     type = json_object_get_int_member (object, "type");
     if (type != SEAF_METADATA_TYPE_FILE) {
-        seaf_warning ("Object %s is not a file.\n", id);
+        seaf_debug ("Object %s is not a file.\n", id);
         return NULL;
     }
 
     version = (int) json_object_get_int_member (object, "version");
     if (version < 1) {
-        seaf_warning ("Seafile object %s version should be > 0, version is %d.\n",
-                      id, version);
+        seaf_debug ("Seafile object %s version should be > 0, version is %d.\n",
+                    id, version);
         return NULL;
     }
 
     file_size = (guint64) json_object_get_int_member (object, "size");
 
     block_id_array = json_object_get (object, "block_ids");
     if (!block_id_array) {
-        seaf_warning ("No block id array in seafile object %s.\n", id);
+        seaf_debug ("No block id array in seafile object %s.\n", id);
         return NULL;
     }
 
@@ -1096,7 +1097,7 @@ seafile_from_json_object (const char *id, json_t *object)
     for (i = 0; i < seafile->n_blocks; ++i) {
         block_id_obj = json_array_get (block_id_array, i);
         block_id = json_string_value (block_id_obj);
-        if (!block_id) {
+        if (!block_id || !is_object_id_valid(block_id)) {
             seafile_free (seafile);
             return NULL;
         }
@@ -1482,21 +1483,25 @@ parse_dirent (const char *dir_id, int version, json_t *object)
 
     id = json_object_get_string_member (object, "id");
     if (!id) {
-        seaf_warning ("Dirent id not set for dir object %s.\n", dir_id);
+        seaf_debug ("Dirent id not set for dir object %s.\n", dir_id);
+        return NULL;
+    }
+    if (!is_object_id_valid (id)) {
+        seaf_debug ("Dirent id is invalid for dir object %s.\n", dir_id);
         return NULL;
     }
 
     name = json_object_get_string_member (object, "name");
     if (!name) {
-        seaf_warning ("Dirent name not set for dir object %s.\n", dir_id);
+        seaf_debug ("Dirent name not set for dir object %s.\n", dir_id);
         return NULL;
     }
 
     mtime = json_object_get_int_member (object, "mtime");
     if (S_ISREG(mode)) {
         modifier = json_object_get_string_member (object, "modifier");
         if (!modifier) {
-            seaf_warning ("Dirent modifier not set for dir object %s.\n", dir_id);
+            seaf_debug ("Dirent modifier not set for dir object %s.\n", dir_id);
             return NULL;
         }
         size = json_object_get_int_member (object, "size");
@@ -1528,20 +1533,20 @@ seaf_dir_from_json_object (const char *dir_id, json_t *object)
     /* Sanity checks. */
     type = json_object_get_int_member (object, "type");
     if (type != SEAF_METADATA_TYPE_DIR) {
-        seaf_warning ("Object %s is not a dir.\n", dir_id);
+        seaf_debug ("Object %s is not a dir.\n", dir_id);
         return NULL;
     }
 
     version = (int) json_object_get_int_member (object, "version");
     if (version < 1) {
-        seaf_warning ("Dir object %s version should be > 0, version is %d.\n",
-                      dir_id, version);
+        seaf_debug ("Dir object %s version should be > 0, version is %d.\n",
+                    dir_id, version);
         return NULL;
     }
 
     dirent_array = json_object_get (object, "dirents");
     if (!dirent_array) {
-        seaf_warning ("No dirents in dir object %s.\n", dir_id);
+        seaf_debug ("No dirents in dir object %s.\n", dir_id);
         return NULL;
     }