Vinzenz Feenstra has uploaded a new change for review. Change subject: guestIF: Additional object strings filtering ......................................................................
guestIF: Additional object strings filtering Filtering the plain UTF-8 data is not enough. The filter has to be applied also on the object parsed from json to be really effective. Change-Id: Id64438812a19b25b67b8e50c5c56b0d776c4463e Signed-off-by: Vinzenz Feenstra <[email protected]> --- M tests/guestIFTests.py M vdsm/guestIF.py 2 files changed, 40 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/26/14126/1 diff --git a/tests/guestIFTests.py b/tests/guestIFTests.py index 559a61e..7a392fd 100644 --- a/tests/guestIFTests.py +++ b/tests/guestIFTests.py @@ -93,6 +93,28 @@ invalid2 = "\x00" self.assertEqual('?', guestIF._filterXmlChars(invalid2)) + def test_filterObject(self): + ILLEGAL_DATA = {"foo": "\x00data\x00test"} + LEGAL_DATA = {"foo": "?data?test"} + EXPECTED_DATA = {"foo": "?data?test"} + self.assertEqual(EXPECTED_DATA, guestIF._filterObject(ILLEGAL_DATA)) + self.assertEqual(EXPECTED_DATA, guestIF._filterObject(LEGAL_DATA)) + + def test_StringAndObjectFiltering(self): + ILLEGAL_DATA = json.dumps({"foo": "\x00data\x00test"}) + LEGAL_DATA = json.dumps({"foo": "?data?test"}) + EXPECTED_DATA = {"foo": "?data?test"} + + filtered = guestIF._filterXmlChars(ILLEGAL_DATA) + parsed = json.loads(filtered.decode('utf-8')) + filt_obj = guestIF._filterObject(parsed) + self.assertEqual(filt_obj, EXPECTED_DATA) + + filtered = guestIF._filterXmlChars(LEGAL_DATA) + parsed = json.loads(filtered.decode('utf-8')) + filt_obj = guestIF._filterObject(parsed) + self.assertEqual(filt_obj, EXPECTED_DATA) + def test_handleMessage(self): logging.TRACE = 5 fakeGuestAgent = guestIF.GuestAgent(None, diff --git a/vdsm/guestIF.py b/vdsm/guestIF.py index 47cd9ed..92a9cf2 100644 --- a/vdsm/guestIF.py +++ b/vdsm/guestIF.py @@ -50,6 +50,23 @@ return ''.join(maskRestricted(c) for c in u) +def _filterObject(obj): + """ + Apply _filterXmlChars on every string in the json response object + """ + def filt(o): + if isinstance(o, dict): + return dict(map(filt, o.iteritems())) + elif isinstance(o, list): + return map(filt, o) + elif isinstance(o, tuple): + return tuple(map(filt, o)) + elif isinstance(o, basestring): + return _filterXmlChars(o) + return o + return filt(obj) + + class MessageState: NORMAL = 'normal' TOO_BIG = 'too-big' @@ -335,6 +352,7 @@ def _parseLine(self, line): line = _filterXmlChars(line) args = json.loads(line.decode('utf8')) + args = _filterObject(args) name = args['__name__'] del args['__name__'] return (name, args) -- To view, visit http://gerrit.ovirt.org/14126 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Id64438812a19b25b67b8e50c5c56b0d776c4463e Gerrit-PatchSet: 1 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Vinzenz Feenstra <[email protected]> _______________________________________________ vdsm-patches mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
