HaikuDepot: Avoid Corrupt Username (2)

Previous changes removed the ability to supply control characters at the start and end of a nickname; this change removes them from anywhere in the nickname when supplied. Change-Id: I0631fffa8aaf2c0e267c777892044c53faa4334e Reviewed-on: https://review.haiku-os.org/c/haiku/+/7071 Tested-by: Commit checker robot <no-reply+buildbot@haiku-os.org> Reviewed-by: Jérôme Duval <jerome.duval@gmail.com>
2023-10-27 07:44:06 +13:00 · 2023-10-27 07:44:06 +13:00 · e526b61813
commit e526b61813
parent b02777c1a8
6 changed files with 60 additions and 12 deletions
--- a/src/apps/haikudepot/server/AbstractServerProcess.cpp
+++ b/src/apps/haikudepot/server/AbstractServerProcess.cpp
@ -383,11 +383,11 @@ AbstractServerProcess::DownloadToLocalFile(const BPath& targetFilePath,
 	fRequest = NULL;

 	if (BHttpRequest::IsSuccessStatusCode(statusCode)) {
-		HDINFO("[%s] did complete streaming data [%"
-			B_PRIdSSIZE " bytes]", Name(), listener.ContentLength());
+		HDINFO("[%s] did complete streaming data [%" B_PRIdSSIZE " bytes]", Name(),
+			listener.ContentLength());
 		return B_OK;
 	} else if (statusCode == B_HTTP_STATUS_NOT_MODIFIED) {
-		HDINFO("[%s] remote data has not changed since [%s]", Name(),
+		HDINFO("[%s] remote data has not changed since [%s] so was not downloaded", Name(),
 			ifModifiedSinceHeader.String());
 		return HD_ERR_NOT_MODIFIED;
 	} else if (statusCode == B_HTTP_STATUS_PRECONDITION_FAILED) {
@ -396,20 +396,16 @@ AbstractServerProcess::DownloadToLocalFile(const BPath& targetFilePath,
 	} else if (BHttpRequest::IsRedirectionStatusCode(statusCode)) {
 		if (location.Length() != 0) {
 			BUrl redirectUrl(result.Url(), location);
-			HDINFO("[%s] will redirect to; %s",
-				Name(), redirectUrl.UrlString().String());
-			return DownloadToLocalFile(targetFilePath, redirectUrl,
-				redirects + 1, 0);
+			HDINFO("[%s] will redirect to; %s", Name(), redirectUrl.UrlString().String());
+			return DownloadToLocalFile(targetFilePath, redirectUrl, redirects + 1, 0);
 		}

 		HDERROR("[%s] unable to find 'Location' header for redirect", Name());
 		return B_IO_ERROR;
 	} else {
 		if (statusCode == 0 || (statusCode / 100) == 5) {
-			HDERROR("error response from server [%" B_PRId32 "] --> retry...",
-				statusCode);
-			return DownloadToLocalFile(targetFilePath, url, redirects,
-				failures + 1);
+			HDERROR("error response from server [%" B_PRId32 "] --> retry...", statusCode);
+			return DownloadToLocalFile(targetFilePath, url, redirects, failures + 1);
 		}

 		HDERROR("[%s] unexpected response from server [%" B_PRId32 "]",
--- a/src/apps/haikudepot/ui/UserLoginWindow.cpp
+++ b/src/apps/haikudepot/ui/UserLoginWindow.cpp
@ -480,7 +480,7 @@ void
 UserLoginWindow::_Authenticate()
 {
 	BString username = fNicknameField->Text();
-	StringUtils::InSituTrimSpaceAndControl(username);
+	StringUtils::InSituStripSpaceAndControl(username);
 	_Authenticate(UserCredentials(username, fPasswordField->Text()));
 }

--- a/src/apps/haikudepot/util/StringUtils.cpp
+++ b/src/apps/haikudepot/util/StringUtils.cpp
@ -29,6 +29,16 @@ StringUtils::InSituTrimSpaceAndControl(BString& value)
 }


+/*static*/ void
+StringUtils::InSituStripSpaceAndControl(BString& value)
+{
+	for (int i = value.Length() - 1; i >= 0; i--) {
+		if (_IsSpaceOrControl(value.ByteAt(i)))
+			value.Remove(i, 1);
+	}
+}
+
+
 /*static*/ bool
 StringUtils::_IsSpaceOrControl(char ch)
 {
--- a/src/apps/haikudepot/util/StringUtils.h
+++ b/src/apps/haikudepot/util/StringUtils.h
@ -13,6 +13,7 @@ class StringUtils {

 public:
 	static void				InSituTrimSpaceAndControl(BString& value);
+	static void				InSituStripSpaceAndControl(BString& value);

 private:
 	static bool				_IsSpaceOrControl(char ch);
--- a/src/tests/apps/haikudepot/StringUtilsTest.cpp
+++ b/src/tests/apps/haikudepot/StringUtilsTest.cpp
@ -78,6 +78,35 @@ StringUtilsTest::TestNoTrimInSituTrimSpaceAndControl()
 }


+void
+StringUtilsTest::TestInSituStripSpaceAndControl()
+{
+	BString string = "\x01 To\tnic Wa\nter  ";
+
+// ----------------------
+	StringUtils::InSituTrimSpaceAndControl(string);
+// ----------------------
+
+	const BString expected = "TonicWater";
+		// note intervening space also removed
+	CPPUNIT_ASSERT_EQUAL(expected, string);
+}
+
+
+void
+StringUtilsTest::TestNoInSituStripSpaceAndControl()
+{
+	BString string = "Tonic Water";
+
+// ----------------------
+	StringUtils::InSituStripSpaceAndControl(string);
+// ----------------------
+
+	const BString expected = "Tonic Water";
+	CPPUNIT_ASSERT_EQUAL(expected, string);
+}
+
+
 /*static*/ void
 StringUtilsTest::AddTests(BTestSuite& parent)
 {
@ -100,5 +129,14 @@ StringUtilsTest::AddTests(BTestSuite& parent)
 			"StringUtilsTest::TestNoTrimInSituTrimSpaceAndControl",
 			&StringUtilsTest::TestNoTrimInSituTrimSpaceAndControl));

+	suite.addTest(
+		new CppUnit::TestCaller<StringUtilsTest>(
+			"StringUtilsTest::TestNoInSituStripSpaceAndControl",
+			&StringUtilsTest::TestNoInSituStripSpaceAndControl));
+	suite.addTest(
+		new CppUnit::TestCaller<StringUtilsTest>(
+			"StringUtilsTest::TestInSituStripSpaceAndControl",
+			&StringUtilsTest::TestInSituStripSpaceAndControl));
+
 	parent.addTest("StringUtilsTest", &suite);
 }
--- a/src/tests/apps/haikudepot/StringUtilsTest.h
+++ b/src/tests/apps/haikudepot/StringUtilsTest.h
@ -19,6 +19,9 @@ public:
 			void				TestStartAndEndInSituTrimSpaceAndControl();
 			void				TestNoTrimInSituTrimSpaceAndControl();

+			void				TestInSituStripSpaceAndControl();
+			void				TestNoInSituStripSpaceAndControl();
+
 	static	void				AddTests(BTestSuite& suite);
 };