hub / github.com/perkeep/perkeep / TestSharingTransitiveSafety

Function TestSharingTransitiveSafety

pkg/server/share_test.go:212–241  ·  view source on GitHub ↗

Issue 228: only follow transitive blobref links in known trusted schema fields.

(t *testing.T)

Source from the content-addressed store, hash-verified

// TestSharingTransitiveSafety is the regression test for issue 228: a
// transitive share must only be followed through blobref links that sit in
// known trusted schema fields.
//
// The share's target is a raw blob whose bytes merely mention the ref of a
// second blob. Fetching the share and its direct target must succeed;
// fetching the mentioned blob through that target must fail with
// viaChainInvalidLink, and the tester must report a sleep after the miss.
func TestSharingTransitiveSafety(t *testing.T) {
	st := newShareTester(t)
	defer st.done()

	// The blob that must stay unreachable through the share.
	secret := "the secret"
	secretRef := blob.RefFromString(secret)

	// Bytes a user managed to get stored: free-form text that embeds
	// secretRef, stored raw below rather than built through the schema package.
	injected := fmt.Sprintf("Some payload containing the ref: %v", secretRef)
	injectedRef := blob.RefFromString(injected)

	// Transitive share pointing at the injected blob.
	// NOTE(review): the signer and camliSig values look like placeholders,
	// which suggests the signature is not checked on this path; confirm.
	transitiveShare := schema.NewShareRef(schema.ShareHaveRef, false).
		SetShareTarget(injectedRef).
		SetShareIsTransitive(true).
		SetSigner(blob.RefFromString("irrelevant")).
		SetRawStringField("camliSig", "alsounused")
	shareRefNow := func() blob.Ref {
		return transitiveShare.Blob().BlobRef()
	}

	st.put(transitiveShare.Blob())
	st.putRaw(secretRef, secret)
	st.putRaw(injectedRef, injected)

	// The share blob and its declared target are both fetchable.
	sharePath := shareRefNow().String()
	st.testGet(sharePath, noError)

	targetPath := fmt.Sprintf("%s?via=%s", injectedRef, shareRefNow())
	st.testGet(targetPath, noError)

	// Extending the via chain from the injected blob to the ref it only
	// mentions in its text must be rejected as an invalid link.
	leakPath := fmt.Sprintf("%s?via=%s,%s", secretRef, shareRefNow(), injectedRef)
	st.testGet(leakPath, viaChainInvalidLink)

	// NOTE(review): presumably the handler delays rejected requests and
	// st.slept observes that delay; confirm against the share handler.
	if slept := st.slept(); !slept {
		t.Error("expected sleep after miss")
	}
}
243// TODO(mpl): try to refactor TestHandleGet*, but there are enough subtle differences to barely make it worth it

Callers

nothing calls this directly

Calls 15

RefFromStringFunction · 0.92
NewShareRefFunction · 0.92
newShareTesterFunction · 0.85
doneMethod · 0.80
SetRawStringFieldMethod · 0.80
SetSignerMethod · 0.80
SetShareIsTransitiveMethod · 0.80
SetShareTargetMethod · 0.80
putMethod · 0.80
putRawMethod · 0.80
testGetMethod · 0.80
sleptMethod · 0.80

Tested by

no test coverage detected