Directory: | cvmfs/ |
---|---|
File: | cvmfs/sanitizer.cc |
Date: | 2025-07-21 10:50:29 |
Exec | Total | Coverage | |
---|---|---|---|
Lines: | 69 | 71 | 97.2% |
Branches: | 40 | 49 | 81.6% |
Line | Branch | Exec | Source |
---|---|---|---|
1 | /** | ||
2 | * This file is part of the CernVM File System. | ||
3 | * | ||
4 | * Provides input data sanitizer in the form of whitelist of character ranges. | ||
5 | */ | ||
6 | |||
7 | |||
8 | #include "sanitizer.h" | ||
9 | |||
10 | #include <cassert> | ||
11 | |||
12 | using namespace std; // NOLINT | ||
13 | |||
14 | #ifdef CVMFS_NAMESPACE_GUARD | ||
15 | namespace CVMFS_NAMESPACE_GUARD { | ||
16 | #endif | ||
17 | |||
18 | namespace sanitizer { | ||
19 | |||
20 | 20528 | CharRange::CharRange(const char range_begin, const char range_end) { | |
21 | 20528 | range_begin_ = range_begin; | |
22 | 20528 | range_end_ = range_end; | |
23 | 20528 | } | |
24 | |||
25 | |||
26 | 18145 | CharRange::CharRange(const char single_char) { | |
27 | 18145 | range_begin_ = range_end_ = single_char; | |
28 | 18145 | } | |
29 | |||
30 | |||
31 | 252238 | bool CharRange::InRange(const char c) const { | |
32 |
4/4✓ Branch 0 taken 205637 times.
✓ Branch 1 taken 46601 times.
✓ Branch 2 taken 131438 times.
✓ Branch 3 taken 74199 times.
|
252238 | return (c >= range_begin_) && (c <= range_end_); |
33 | } | ||
34 | |||
35 | |||
36 | //------------------------------------------------------------------------------ | ||
37 | |||
38 | |||
39 | 17773 | InputSanitizer::InputSanitizer(const string &whitelist) : max_length_(-1) { | |
40 |
1/2✓ Branch 1 taken 17773 times.
✗ Branch 2 not taken.
|
17773 | InitValidRanges(whitelist); |
41 | 17773 | } | |
42 | |||
43 | |||
44 | 88 | InputSanitizer::InputSanitizer(const string &whitelist, int max_length) | |
45 | 88 | : max_length_(max_length) { | |
46 |
1/2✓ Branch 1 taken 88 times.
✗ Branch 2 not taken.
|
88 | InitValidRanges(whitelist); |
47 | 88 | } | |
48 | |||
49 | |||
50 | 17861 | void InputSanitizer::InitValidRanges(const std::string &whitelist) { | |
51 | // Parse the whitelist | ||
52 | 17861 | const unsigned length = whitelist.length(); | |
53 | 17861 | unsigned pickup_pos = 0; | |
54 |
2/2✓ Branch 0 taken 59201 times.
✓ Branch 1 taken 17861 times.
|
77062 | for (unsigned i = 0; i < length; ++i) { |
55 |
7/8✓ Branch 0 taken 41363 times.
✓ Branch 1 taken 17838 times.
✓ Branch 3 taken 20528 times.
✓ Branch 4 taken 20835 times.
✗ Branch 5 not taken.
✓ Branch 6 taken 20528 times.
✓ Branch 7 taken 38673 times.
✓ Branch 8 taken 20528 times.
|
59201 | if ((i + 1 >= length) || (whitelist[i + 1] == ' ') || (i == length - 1)) { |
56 |
1/2✓ Branch 1 taken 38673 times.
✗ Branch 2 not taken.
|
38673 | const string range = whitelist.substr(pickup_pos, i - pickup_pos + 1); |
57 |
2/3✓ Branch 1 taken 18145 times.
✓ Branch 2 taken 20528 times.
✗ Branch 3 not taken.
|
38673 | switch (range.length()) { |
58 | 18145 | case 1: | |
59 |
1/2✓ Branch 3 taken 18145 times.
✗ Branch 4 not taken.
|
18145 | valid_ranges_.push_back(CharRange(range[0])); |
60 | 18145 | break; | |
61 | 20528 | case 2: | |
62 |
1/2✓ Branch 4 taken 20528 times.
✗ Branch 5 not taken.
|
20528 | valid_ranges_.push_back(CharRange(range[0], range[1])); |
63 | 20528 | break; | |
64 | ✗ | default: | |
65 | ✗ | assert(false); | |
66 | } | ||
67 | 38673 | ++i; | |
68 | 38673 | pickup_pos = i + 1; | |
69 | 38673 | } | |
70 | } | ||
71 | 17861 | } | |
72 | |||
73 | |||
74 | 18918 | bool InputSanitizer::Sanitize(std::string::const_iterator begin, | |
75 | std::string::const_iterator end, | ||
76 | std::string *filtered_output) const { | ||
77 | 18918 | int pos = 0; | |
78 | 18918 | bool is_sane = true; | |
79 |
2/2✓ Branch 2 taken 166510 times.
✓ Branch 3 taken 18826 times.
|
185336 | for (; begin != end; ++begin) { |
80 |
2/2✓ Branch 2 taken 131438 times.
✓ Branch 3 taken 35072 times.
|
166510 | if (CheckRanges(*begin)) { |
81 |
4/4✓ Branch 0 taken 830 times.
✓ Branch 1 taken 130608 times.
✓ Branch 2 taken 92 times.
✓ Branch 3 taken 738 times.
|
131438 | if ((max_length_ >= 0) && (pos >= max_length_)) { |
82 | 92 | is_sane = false; | |
83 | 92 | break; | |
84 | } | ||
85 | 131346 | filtered_output->push_back(*begin); | |
86 | 131346 | pos++; | |
87 | } else { | ||
88 | 35072 | is_sane = false; | |
89 | } | ||
90 | } | ||
91 | 18918 | return is_sane; | |
92 | } | ||
93 | |||
94 | |||
95 | 166510 | bool InputSanitizer::CheckRanges(const char chr) const { | |
96 |
2/2✓ Branch 1 taken 252238 times.
✓ Branch 2 taken 35072 times.
|
287310 | for (unsigned j = 0; j < valid_ranges_.size(); ++j) { |
97 |
2/2✓ Branch 2 taken 131438 times.
✓ Branch 3 taken 120800 times.
|
252238 | if (valid_ranges_[j].InRange(chr)) { |
98 | 131438 | return true; | |
99 | } | ||
100 | } | ||
101 | 35072 | return false; | |
102 | } | ||
103 | |||
104 | |||
105 | 636 | string InputSanitizer::Filter(const std::string &input) const { | |
106 | 636 | string filtered_output; | |
107 |
1/2✓ Branch 1 taken 636 times.
✗ Branch 2 not taken.
|
636 | Sanitize(input, &filtered_output); |
108 | 636 | return filtered_output; | |
109 | } | ||
110 | |||
111 | |||
112 | 18328 | bool InputSanitizer::IsValid(const std::string &input) const { | |
113 | 18328 | string dummy; | |
114 |
1/2✓ Branch 1 taken 18328 times.
✗ Branch 2 not taken.
|
36656 | return Sanitize(input, &dummy); |
115 | 18328 | } | |
116 | |||
117 | |||
118 | 662 | bool IntegerSanitizer::Sanitize(std::string::const_iterator begin, | |
119 | std::string::const_iterator end, | ||
120 | std::string *filtered_output) const { | ||
121 |
2/2✓ Branch 1 taken 23 times.
✓ Branch 2 taken 639 times.
|
662 | if (std::distance(begin, end) == 0) { |
122 | 23 | return false; | |
123 | } | ||
124 | |||
125 |
2/2✓ Branch 1 taken 46 times.
✓ Branch 2 taken 593 times.
|
639 | if (*begin == '-') { |
126 | // minus is allowed as the first character! | ||
127 | 46 | filtered_output->push_back('-'); | |
128 | 46 | begin++; | |
129 | } | ||
130 | |||
131 | 639 | return InputSanitizer::Sanitize(begin, end, filtered_output); | |
132 | } | ||
133 | |||
134 | |||
135 | 230 | bool PositiveIntegerSanitizer::Sanitize(std::string::const_iterator begin, | |
136 | std::string::const_iterator end, | ||
137 | std::string *filtered_output) const { | ||
138 |
2/2✓ Branch 1 taken 23 times.
✓ Branch 2 taken 207 times.
|
230 | if (std::distance(begin, end) == 0) { |
139 | 23 | return false; | |
140 | } | ||
141 | |||
142 | 207 | return InputSanitizer::Sanitize(begin, end, filtered_output); | |
143 | } | ||
144 | |||
145 | } // namespace sanitizer | ||
146 | |||
147 | #ifdef CVMFS_NAMESPACE_GUARD | ||
148 | } // namespace CVMFS_NAMESPACE_GUARD | ||
149 | #endif | ||
150 |