From: Claudio Saavedra Date: Tue, 19 Feb 2013 09:02:21 +0000 (+0200) Subject: secret-attributes: improve validation of attributes table X-Git-Tag: upstream/0.14~5 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=261749ec77dc1b5da66cf825445362e5e3590752;p=platform%2Fupstream%2Flibsecret.git secret-attributes: improve validation of attributes table Attributes table that are built by the library itself contain the xdg:schema meta-attribute. Additionally, secrets with a SECRET_SCHEMA_COMPAT_NETWORK schema might also have libgnomekeyring specific meta-attributes (prefixed 'gkr'). During validation, ensure that the former is consistent with the name of the schema and ignore the latter. Add tests for these changes https://bugzilla.gnome.org/show_bug.cgi?id=694107 --- diff --git a/libsecret/secret-attributes.c b/libsecret/secret-attributes.c index 00372e7..80dd28d 100644 --- a/libsecret/secret-attributes.c +++ b/libsecret/secret-attributes.c @@ -212,6 +212,22 @@ _secret_attributes_validate (const SecretSchema *schema, while (g_hash_table_iter_next (&iter, (gpointer *)&key, (gpointer *)&value)) { any = TRUE; + /* If the 'xdg:schema' meta-attribute is present, + ensure that it is consistent with the schema + name. */ + if (g_str_equal (key, "xdg:schema")) { + if (!g_str_equal (value, schema->name)) { + g_critical ("%s: xdg:schema value %s differs from schema %s:", + pretty_function, value, schema->name); + return FALSE; + } + continue; + } + + /* Pass through libgnomekeyring specific attributes */ + if (g_str_has_prefix (key, "gkr:")) + continue; + /* Find the attribute */ attribute = NULL; for (i = 0; i < G_N_ELEMENTS (schema->attributes); i++) { diff --git a/libsecret/tests/test-attributes.c b/libsecret/tests/test-attributes.c index 0d66932..da26189 100644 --- a/libsecret/tests/test-attributes.c +++ b/libsecret/tests/test-attributes.c @@ -16,6 +16,7 @@ #include "config.h" #include "secret-attributes.h" +#include "secret-private.h" #include "egg/egg-testing.h" @@ -123,6 +124,59 @@ test_build_bad_type (void) g_test_trap_assert_stderr ("*invalid type*"); } +static void +test_validate_schema (void) +{ + GHashTable *attributes; + gboolean ret; + + attributes = g_hash_table_new (g_str_hash, g_str_equal); + g_hash_table_replace (attributes, "number", "1"); + g_hash_table_replace (attributes, "string", "test"); + g_hash_table_replace (attributes, "xdg:schema", "org.mock.Schema"); + + ret = _secret_attributes_validate (&MOCK_SCHEMA, attributes, G_STRFUNC, TRUE); + g_assert (ret == TRUE); + + g_hash_table_unref (attributes); +} + +static void +test_validate_schema_bad (void) +{ + GHashTable *attributes; + gboolean ret; + + attributes = g_hash_table_new (g_str_hash, g_str_equal); + g_hash_table_replace (attributes, "number", "1"); + g_hash_table_replace (attributes, "string", "test"); + g_hash_table_replace (attributes, "xdg:schema", "mismatched.Schema"); + + if (g_test_trap_fork (0, G_TEST_TRAP_SILENCE_STDERR)) { + ret = _secret_attributes_validate (&MOCK_SCHEMA, attributes, G_STRFUNC, TRUE); + g_assert (ret == FALSE); + } + + g_hash_table_unref (attributes); +} + +static void +test_validate_libgnomekeyring (void) +{ + GHashTable *attributes; + gboolean ret; + + attributes = g_hash_table_new (g_str_hash, g_str_equal); + g_hash_table_replace (attributes, "number", "1"); + g_hash_table_replace (attributes, "string", "test"); + g_hash_table_replace (attributes, "gkr:compat", "blah-dee-blah"); + + ret = _secret_attributes_validate (&MOCK_SCHEMA, attributes, G_STRFUNC, TRUE); + g_assert (ret == TRUE); + + g_hash_table_unref (attributes); +} + int main (int argc, char **argv) { @@ -138,5 +192,9 @@ main (int argc, char **argv) g_test_add_func ("/attributes/build-non-utf8-string", test_build_non_utf8_string); g_test_add_func ("/attributes/build-bad-type", test_build_bad_type); + g_test_add_func ("/attributes/validate-schema", test_validate_schema); + g_test_add_func ("/attributes/validate-schema-bad", test_validate_schema_bad); + g_test_add_func ("/attributes/validate-libgnomekeyring", test_validate_libgnomekeyring); + return g_test_run (); }