From 363fc55fa19af0bc86cc4c53538dbe94b2731e82 Mon Sep 17 00:00:00 2001
From: Afuna
Date: Sun, 30 Dec 2012 08:26:50 +0800
Subject: [PATCH 1/2] (Bug 4788) Add test for entry lookup.
---
 t/entry-lookup.t | 63 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100644 t/entry-lookup.t
diff --git a/t/entry-lookup.t b/t/entry-lookup.t
new file mode 100644
index 0000000000..e43b97bcfc
--- /dev/null
+++ b/t/entry-lookup.t
@@ -0,0 +1,63 @@
+# -*-perl-*-
+
+use strict;
+use Test::More;
+use lib "$ENV{LJHOME}/cgi-bin";
+BEGIN { require 'ljlib.pl'; }
+
+
+use LJ::Test qw(temp_user);
+use LJ::Entry;
+
+plan tests => 10;
+
+my $u = temp_user();
+
+my $entry_real = $u->t_post_fake_entry;
+my $ditemid = $entry_real->{ditemid};
+my $jitemid = $entry_real->{jitemid};
+my $anum = $entry_real->{anum};
+
+note( "test entry from jitemid (valid jitemid)" );
+{
+ LJ::Entry->reset_singletons;
+ my $entry_from_jitemid = LJ::Entry->new( $u, jitemid => $jitemid );
+ ok( $entry_from_jitemid->valid, "valid entry" );
+ ok( $entry_from_jitemid->correct_anum, "correct anum" );
+}
+
+note( "test entry from jitemid (invalid jitemid" );
+{
+ LJ::Entry->reset_singletons;
+ my $entry_from_jitemid = LJ::Entry->new( $u, jitemid => $jitemid + 1 );
+ ok( ! $entry_from_jitemid->valid, "invalid entry" );
+ ok( ! $entry_from_jitemid->correct_anum, "incorrect anum" );
+}
+
+note( "test entry from ditemid (valid ditemid) ");
+{
+ LJ::Entry->reset_singletons;
+ my $entry_from_ditemid = LJ::Entry->new( $u, ditemid => $ditemid );
+ ok( $entry_from_ditemid->valid, "valid entry" );
+ ok( $entry_from_ditemid->correct_anum, "correct anum" );
+}
+
+note( "test entry from ditemid (valid jitemid, invalid anum)" );
+{
+ LJ::Entry->reset_singletons;
+ my $entry_from_ditemid = LJ::Entry->new( $u, ditemid => ( $jitemid << 8 ) + ( ( $anum + 1 ) % 256 ) );
+ warn "$entry_real->{ditemid}; $entry_real->{anum} ;; $entry_from_ditemid->{ditemid}; $entry_from_ditemid->{anum}";
+ ok( $entry_from_ditemid->valid, "valid entry" );
+ ok( ! $entry_from_ditemid->correct_anum, "incorrect anum" );
+}
+
+note( "test entry from ditemid (invalid jitemid, invalid anum)" );
+{
+ LJ::Entry->reset_singletons;
+ my $entry_from_ditemid = LJ::Entry->new( $u, ditemid => ( $jitemid + 1 ) );
+ ok( ! $entry_from_ditemid->valid, "valid entry" );
+ ok( ! $entry_from_ditemid->correct_anum, "incorrect anum" );
+}
+
+1;
+
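Review bot: The last case does not build the input its label describes: `ditemid => ( $jitemid + 1 )` puts the incremented value in the low byte, so with the `>> 8` / `& 255` split that LJ::Entry applies to a ditemid the lookup is for jitemid `( $jitemid + 1 ) >> 8` (presumably 0 for a fresh temp user), not for `$jitemid + 1`. To exercise an unknown jitemid, shift it first, e.g. `ditemid => ( ( $jitemid + 1 ) << 8 ) + $anum`. In the same block the first assertion negates `valid` but is described as "valid entry"; it should read `"invalid entry"`. The `warn` in the wrong-anum case looks like leftover debugging and reads `$entry_from_ditemid->{anum}` directly; drop it or turn it into a `note(...)`.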
From 56f020b621d4de9ce6ae924fc289116fd68b56ff Mon Sep 17 00:00:00 2001
From: Afuna
Date: Sun, 30 Dec 2012 03:18:49 +0800
Subject: [PATCH 2/2] (Bug 4788) If we guessed the anum, then save it as "untrusted_anum"
Intead of trusting the anum based on the ditemid, save it under a different name, which we can later use to compare against the actual anum we fetched from the database
---
 cgi-bin/LJ/Entry.pm | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/cgi-bin/LJ/Entry.pm b/cgi-bin/LJ/Entry.pm
index 0e986d222c..54ce0d5ba0 100644
--- a/cgi-bin/LJ/Entry.pm
+++ b/cgi-bin/LJ/Entry.pm
@@ -115,7 +115,7 @@ sub new
 if %opts;
 if ($self->{ditemid}) {
- $self->{anum} = $self->{ditemid} & 255;
+ $self->{_untrusted_anum} = $self->{ditemid} & 255;
 $self->{jitemid} = $self->{ditemid} >> 8;
 }
@@ -283,9 +283,14 @@ sub anum {
 # $entry->correct_anum
 # $entry->correct_anum($given_anum)
 # if no given anum, gets it from the provided ditemid to constructor
+# Note: an anum parsed from the ditemid cannot be trusted which is what we're verifying here
 sub correct_anum {
 my ( $self, $given ) = @_;
- $given = defined $given ? int( $given ) : $self->{anum};
+
+ $given = defined $given ? int( $given ) :
+ $self->{ditemid} ? $self->{_untrusted_anum} :
+ $self->{anum};
+
 return 0 unless $self->valid;
 return 0 unless defined $self->{anum} && defined $given;
 return $self->{anum} == $given;
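Review bot: `_untrusted_anum` is introduced in `new` without a comment saying where the value comes from or how it may be used. Since it is just the low byte of a caller-supplied ditemid, I would add above the assignment `# low byte of the caller-supplied ditemid; only ever compare it against the stored anum (see correct_anum)`. With this change `$self->{anum}` is no longer populated at construction for ditemid lookups, so any code that reads that key directly before the entry row is loaded would now see undef; that is not visible here and is worth a grep. The body of `new` starts and ends outside the hunk.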
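Review bot: In `correct_anum` the fallback chain selects the guessed value by testing `$self->{ditemid}` rather than the field that actually holds it. If any other path fills in `$self->{ditemid}` on an entry that was constructed from a jitemid (not visible in this hunk), `_untrusted_anum` is undefined there and the method returns 0 for a valid entry. Keying on the field itself avoids that: `defined $self->{_untrusted_anum} ? $self->{_untrusted_anum} : $self->{anum};`. The comment above the sub could also state that when the entry was built from a jitemid and no anum is passed, the stored anum is compared with itself, so the check only carries meaning for ditemid lookups or an explicit argument. The function's closing brace is outside the hunk.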