From 7656d47072190d8c9a6da087421735c73036f7db Mon Sep 17 00:00:00 2001 From: Miraculous Owonubi Date: Fri, 26 Jan 2024 03:32:14 +0300 Subject: [PATCH 1/2] avoid treating empty values as valid CSV input --- src/common/if_match.rs | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/src/common/if_match.rs b/src/common/if_match.rs index 5b9bdd95..9be0fa1c 100644 --- a/src/common/if_match.rs +++ b/src/common/if_match.rs @@ -72,8 +72,29 @@ impl From for IfMatch { #[cfg(test)] mod tests { + use super::super::test_decode; use super::*; + #[test] + fn test_empty() { + assert_eq!(test_decode::(&[]), None); + } + + #[test] + fn test_invalid() { + assert_eq!(test_decode::(&[""]), None); + assert_eq!(test_decode::(&[" "]), None); + assert_eq!(test_decode::(&["foo"]), None); + } + + #[test] + fn test_valid() { + assert_eq!( + test_decode::(&["\"foo\""]), + Some(IfMatch::from(ETag::from_static("\"foo\""))) + ); + } + #[test] fn is_any() { assert!(IfMatch::any().is_any()); From c8c893d9719602eae9c5ebfb852a4040ba521898 Mon Sep 17 00:00:00 2001 From: Miraculous Owonubi Date: Fri, 26 Jan 2024 03:32:29 +0300 Subject: [PATCH 2/2] validate tags on EntityTagRange --- src/util/entity.rs | 3 +++ src/util/flat_csv.rs | 3 +++ 2 files changed, 6 insertions(+) diff --git a/src/util/entity.rs b/src/util/entity.rs index 67604be4..02817a9e 100644 --- a/src/util/entity.rs +++ b/src/util/entity.rs @@ -254,6 +254,9 @@ impl super::TryFromValues for EntityTagRange { if flat.value == "*" { Ok(EntityTagRange::Any) } else { + for tag in flat.iter() { + EntityTag::parse(tag.as_bytes()).ok_or_else(::Error::invalid)?; + } Ok(EntityTagRange::Tags(flat)) } } diff --git a/src/util/flat_csv.rs b/src/util/flat_csv.rs index 7be56c87..8641cd52 100644 --- a/src/util/flat_csv.rs +++ b/src/util/flat_csv.rs @@ -66,6 +66,9 @@ impl TryFromValues for FlatCsv { where I: Iterator, { + let mut values = values.peekable(); + values.peek().ok_or_else(::Error::invalid)?; + let flat = values.collect(); Ok(flat) }