From 2a344c63c4145c2c96ac2096dcf02d64694a3dc8 Mon Sep 17 00:00:00 2001 From: SoniEx2 Date: Wed, 7 Feb 2024 20:59:05 -0300 Subject: Handle untrusted input more better --- testing/test_data.py | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 testing/test_data.py (limited to 'testing') diff --git a/testing/test_data.py b/testing/test_data.py new file mode 100644 index 0000000..47f4e66 --- /dev/null +++ b/testing/test_data.py @@ -0,0 +1,51 @@ +from ganarchy.data import DataProperty, ObjectDataSource, PCTP + +def test_basic_project(): + ods = ObjectDataSource({ + 'projects': { + '0123456789012345678901234567890123456789': { + 'https://example/': { + None: {'active': True} + } + } + } + }) + values = list(ods.get_property_values(DataProperty.VCS_REPOS)) + assert len(values) == 1 + assert isinstance(values[0], PCTP) + assert values[0].project_commit == '0123456789'*4 + assert values[0].uri == 'https://example/' + assert values[0].branch == None + assert values[0].active + assert values[0].federate # defaults to True + assert not values[0].pinned # defaults to False + +def test_nul_in_project_uri(): + # tests what happens if repo uri is malicious/bogus + # should just ignore bad uri + ods = ObjectDataSource({ + 'projects': { + '0123456789012345678901234567890123456789': { + 'https://example/\0': { + None: {'active': True} + } + } + } + }) + values = list(ods.get_property_values(DataProperty.VCS_REPOS)) + assert not len(values) + +def test_bad_branch(): + # tests what happens if repo branch is malicious/bogus + # should just ignore bad branch + ods = ObjectDataSource({ + 'projects': { + '0123456789012345678901234567890123456789': { + 'https://example/': { + '\0': {'active': True} + } + } + } + }) + values = list(ods.get_property_values(DataProperty.VCS_REPOS)) + assert not len(values) -- cgit 1.4.1