From 6c7cff4f162c1b2edc09f03528f016611a5b5a1b Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Wed, 1 May 2024 14:39:09 +0200 Subject: [PATCH] fix NPE --- models/forgefed/activity.go | 12 ++++++++++-- models/forgefed/activity_test.go | 18 +++++++++++++++++- 2 files changed, 27 insertions(+), 3 deletions(-) diff --git a/models/forgefed/activity.go b/models/forgefed/activity.go index aeb943308e..a2d7d0cdaa 100644 --- a/models/forgefed/activity.go +++ b/models/forgefed/activity.go @@ -46,8 +46,16 @@ func (like ForgeLike) Validate() []string { var result []string result = append(result, validation.ValidateNotEmpty(string(like.Type), "type")...) result = append(result, validation.ValidateOneOf(string(like.Type), []any{"Like"})...) - result = append(result, validation.ValidateNotEmpty(like.Actor.GetID().String(), "actor")...) - result = append(result, validation.ValidateNotEmpty(like.Object.GetID().String(), "object")...) + if like.Actor == nil { + result = append(result, "Actor my not be nil.") + } else { + result = append(result, validation.ValidateNotEmpty(like.Actor.GetID().String(), "actor")...) + } + if like.Object == nil { + result = append(result, "Object my not be nil.") + } else { + result = append(result, validation.ValidateNotEmpty(like.Object.GetID().String(), "object")...) + } result = append(result, validation.ValidateNotEmpty(like.StartTime.String(), "startTime")...) if like.StartTime.IsZero() { result = append(result, "StartTime was invalid.") diff --git a/models/forgefed/activity_test.go b/models/forgefed/activity_test.go index a81ea925ba..e6a37b9510 100644 --- a/models/forgefed/activity_test.go +++ b/models/forgefed/activity_test.go @@ -128,7 +128,7 @@ func TestActivityValidation(t *testing.T) { sut.UnmarshalJSON([]byte(`{"actor":"https://repo.prod.meissa.de/api/activitypub/user-id/1", "object":"https://codeberg.org/api/activitypub/repository-id/1", "startTime": "2014-12-31T23:00:00-08:00"}`)) - if sut.Validate()[0] != "Field type should not be empty" { + if sut.Validate()[0] != "type should not be empty" { t.Errorf("validation error expected but was: %v\n", sut.Validate()[0]) } @@ -147,4 +147,20 @@ func TestActivityValidation(t *testing.T) { if sut.Validate()[0] != "StartTime was invalid." { t.Errorf("validation error expected but was: %v\n", sut.Validate()) } + + sut.UnmarshalJSON([]byte(`{"type":"Wrong", + "actor":"https://repo.prod.meissa.de/api/activitypub/user-id/1", + "object":"https://codeberg.org/api/activitypub/repository-id/1", + "startTime": "2014-12-31T23:00:00-08:00"}`)) + if sut.Validate()[0] != "Value Wrong is not contained in allowed values [Like]" { + t.Errorf("validation error expected but was: %v\n", sut.Validate()) + } +} + +func TestActivityValidation_Attack(t *testing.T) { + sut := new(ForgeLike) + sut.UnmarshalJSON([]byte(`{rubbish}`)) + if len(sut.Validate()) != 5 { + t.Errorf("5 validateion errors expected but was: %v\n", len(sut.Validate())) + } }