diff options
author | Stan Hu <stanhu@gmail.com> | 2021-03-04 18:36:20 +0300 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2021-03-06 11:49:49 +0300 |
commit | d48c79323aaf77a2aea7d4c4921a70c7b61b37c7 (patch) | |
tree | 2040e3b95925ad52db1530bf0c1a83f78464b233 /cmd/gitaly-lfs-smudge | |
parent | 4ffdf88c407165df85cd3d887f77b265ee29171e (diff) |
gitaly-lfs-smudge: Use stronger OID validation in LFS pointer parser
When parsing an LFS pointer, the git-lfs library now uses stronger
validation of the OID in
https://github.com/git-lfs/git-lfs/pull/4421. We update the package to
take advantage of that.
Diffstat (limited to 'cmd/gitaly-lfs-smudge')
-rw-r--r-- | cmd/gitaly-lfs-smudge/lfs_smudge_test.go | 103 |
1 files changed, 71 insertions, 32 deletions
diff --git a/cmd/gitaly-lfs-smudge/lfs_smudge_test.go b/cmd/gitaly-lfs-smudge/lfs_smudge_test.go index a84cf204f..d14e5cef5 100644 --- a/cmd/gitaly-lfs-smudge/lfs_smudge_test.go +++ b/cmd/gitaly-lfs-smudge/lfs_smudge_test.go @@ -21,6 +21,15 @@ const ( oid sha256:3ea5dd307f195f449f0e08234183b82e92c3d5f4cff11c2a6bb014f9e0de12aa size 177735 ` + lfsPointerWithCRLF = `version https://git-lfs.github.com/spec/v1 +oid sha256:3ea5dd307f195f449f0e08234183b82e92c3d5f4cff11c2a6bb014f9e0de12aa` + "\r\nsize 177735" + invalidLfsPointer = `version https://git-lfs.github.com/spec/v1 +oid sha256:3ea5dd307f195f449f0e08234183b82e92c3d5f4cff11c2a6bb014f9e0de12aa&gl_repository=project-51 +size 177735 +` + invalidLfsPointerWithNonHex = `version https://git-lfs.github.com/spec/v1 +oid sha256:3ea5dd307f195f449f0e08234183b82e92c3d5f4cff11c2a6bb014f9e0de12z- +size 177735` glRepository = "project-1" secretToken = "topsecret" testData = "hello world" @@ -76,47 +85,65 @@ func runTestServer(t *testing.T, options testhelper.GitlabTestServerOptions) (co } func TestSuccessfulLfsSmudge(t *testing.T) { - var b bytes.Buffer - reader := strings.NewReader(lfsPointer) + testCases := []struct { + desc string + data string + }{ + { + desc: "regular LFS pointer", + data: lfsPointer, + }, + { + desc: "LFS pointer with CRLF", + data: lfsPointerWithCRLF, + }, + } - c, cleanup := runTestServer(t, defaultOptions) - defer cleanup() + for _, tc := range testCases { + t.Run(tc.desc, func(t *testing.T) { + var b bytes.Buffer + reader := strings.NewReader(tc.data) - cfg, err := json.Marshal(c) - require.NoError(t, err) + c, cleanup := runTestServer(t, defaultOptions) + defer cleanup() + + cfg, err := json.Marshal(c) + require.NoError(t, err) - tlsCfg, err := json.Marshal(config.TLS{ - CertPath: certPath, - KeyPath: keyPath, - }) - require.NoError(t, err) + tlsCfg, err := json.Marshal(config.TLS{ + CertPath: certPath, + KeyPath: keyPath, + }) + require.NoError(t, err) - tmpDir, cleanup := testhelper.TempDir(t) - defer cleanup() + tmpDir, cleanup := testhelper.TempDir(t) + defer cleanup() - env := map[string]string{ - "GL_REPOSITORY": "project-1", - "GL_INTERNAL_CONFIG": string(cfg), - "GITALY_LOG_DIR": tmpDir, - "GITALY_TLS": string(tlsCfg), - } - cfgProvider := &mapConfig{env: env} - initLogging(cfgProvider) + env := map[string]string{ + "GL_REPOSITORY": "project-1", + "GL_INTERNAL_CONFIG": string(cfg), + "GITALY_LOG_DIR": tmpDir, + "GITALY_TLS": string(tlsCfg), + } + cfgProvider := &mapConfig{env: env} + initLogging(cfgProvider) - err = smudge(&b, reader, cfgProvider) - require.NoError(t, err) - require.Equal(t, testData, b.String()) + err = smudge(&b, reader, cfgProvider) + require.NoError(t, err) + require.Equal(t, testData, b.String()) - logFilename := filepath.Join(tmpDir, "gitaly_lfs_smudge.log") - require.FileExists(t, logFilename) + logFilename := filepath.Join(tmpDir, "gitaly_lfs_smudge.log") + require.FileExists(t, logFilename) - data, err := ioutil.ReadFile(logFilename) - require.NoError(t, err) - d := string(data) + data, err := ioutil.ReadFile(logFilename) + require.NoError(t, err) + d := string(data) - require.Contains(t, d, `"msg":"Finished HTTP request"`) - require.Contains(t, d, `"status":200`) - require.Contains(t, d, `"content_length_bytes":`) + require.Contains(t, d, `"msg":"Finished HTTP request"`) + require.Contains(t, d, `"status":200`) + require.Contains(t, d, `"content_length_bytes":`) + }) + } } func TestUnsuccessfulLfsSmudge(t *testing.T) { @@ -137,6 +164,18 @@ func TestUnsuccessfulLfsSmudge(t *testing.T) { expectedError: false, }, { + desc: "invalid LFS pointer", + data: invalidLfsPointer, + options: defaultOptions, + expectedError: false, + }, + { + desc: "invalid LFS pointer with non-hex characters", + data: invalidLfsPointerWithNonHex, + options: defaultOptions, + expectedError: false, + }, + { desc: "missing GL_REPOSITORY", data: lfsPointer, missingEnv: "GL_REPOSITORY", |