From: Junghyun Yeon <jungh.yeon@samsung.com>
Date: Mon, 4 Jan 2021 07:37:39 +0000 (+0900)
Subject: Fix wgt version checking logic
X-Git-Tag: submit/tizen/20210107.055953~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=6f384a8587ca00337baf0889901c79cdf6d7d91c;p=platform%2Fcore%2Fappfw%2Fwgt-backend.git

Fix wgt version checking logic

WGT version string could contain non UTF-8 characters.
Now version checking logic will skip validation
if given character is non UTF-8.

Change-Id: I869fab0b8f12ece90735e71a71ec62b0e84c806c
Signed-off-by: Junghyun Yeon <jungh.yeon@samsung.com>
---

diff --git a/src/wgt/step/configuration/step_parse.cc b/src/wgt/step/configuration/step_parse.cc
index d4c677b..3b46e7e 100644
--- a/src/wgt/step/configuration/step_parse.cc
+++ b/src/wgt/step/configuration/step_parse.cc
@@ -171,14 +171,22 @@ std::set<std::string> StepParse::ExtractPrivileges(
 }
 
 std::string StepParse::GetPackageVersion(
-     const std::string& manifest_version) {
-  if (manifest_version.empty()) {
+    const std::string& manifest_version) {
+  if (manifest_version.empty())
     return kManifestVersion;
-  }
-  std::string version = manifest_version.substr(0,
-      manifest_version.find_first_not_of("1234567890."));
 
-  return version;
+  for (const char& c : manifest_version) {
+    // first bit of 1 byte utf-8 character is always 0
+    if (c >> 7 == 1)
+      continue;
+
+    if (std::string(1, c).find_first_not_of("1234567890.") !=
+        std::string::npos) {
+      LOG(ERROR) << "Invalid version format";
+      return nullptr;
+    }
+  }
+  return manifest_version;
 }
 
 bool StepParse::FillInstallationInfo(manifest_x* manifest) {