keybase · mmou · Apr 9, 2020 · Apr 8, 2020 · Apr 8, 2020
diff --git a/lib/schema3.js b/lib/schema3.js
diff --git a/lib/wot.js b/lib/wot.js
diff --git a/src/schema3.iced b/src/schema3.iced
@@ -165,8 +165,13 @@ class ChainType extends Node
     return null
 
 class String extends Node
+  constructor : ({args}) ->
+    @_args = args
+
   _check : ({path, obj}) ->
     if typeof(obj) isnt 'string' or obj.length is 0 then return mkerr path, "value must be a string"
+    if (max_length = @_args?.max_length)?
+      if obj.length > max_length then return mkerr path, "value length needs to be < #{max_length}"
     return null
 
 class StringEnum extends Node
@@ -179,7 +184,6 @@ class StringEnum extends Node
     if not @_values[obj] then return mkerr path, "unknown enum value (#{obj})"
     return null
 
-
 class Value extends Node
   constructor : (@_value) ->
   _check : ({path, obj}) ->
@@ -227,7 +231,7 @@ exports.time = () -> new Time {}
 exports.int = () -> new Int {}
 exports.chain_type = () -> new ChainType {}
 exports.link_type = () -> new LinkType {}
-exports.string = () -> new String {}
+exports.string = (args)-> new String { args: args }
 exports.value = (v) -> new Value v
 exports.bool = () -> new Bool {}
 exports.struct = (s) -> new Struct {slots : s}

diff --git a/src/wot.iced b/src/wot.iced
@@ -59,10 +59,10 @@ exports.Vouch = class Vouch extends Base
       confidence : schema.dict({
         username_verified_via : schema.string_enum(["in_person", "proofs", "video", "audio", "other_chat", "familiar", "other"]).optional()
         proofs: schema.array(proof_schema).optional()
-        other : schema.string().optional()
+        other : schema.string({max_length: 90}).optional()
       })
       failing_proofs : schema.array(proof_schema).optional()
-      vouch_text : schema.string()
+      vouch_text : schema.string({max_length: 700})
     })
     err = schm.check(obj)
     cb err

diff --git a/test/files/wot.iced b/test/files/wot.iced
@@ -67,3 +67,34 @@ exports.wot_vouch_happy = (T,cb) ->
   T.equal outer[4], constants.sig_types_v2.wot.vouch_with_revoke, "revoke picked up"
 
   cb null
+
+exports.wot_vouch_bad = (T,cb) ->
+  esc = make_esc cb
+  await new_km_and_sig_arg {}, esc defer me
+  await new_km_and_sig_arg {}, esc defer them
+  me.wot =
+    vouch :
+      user :
+        username : them.user.local.username
+        uid : them.user.local.uid
+        eldest:
+          kid : them.sig_eng.km.key.ekid().toString('hex')
+          seqno : 1
+        seq_tail :
+          seqno : 20
+          sig_id : new_sig_id()
+          payload_hash : new_payload_hash()
+      confidence :
+        username_verified_via : "audio"
+        other : "this string is longer than 90 char this string is longer than 90 char this string is longer than 90 char this string is longer than 90 char"
+      vouch_text : "darn rootin tootin"
+  obj = new wot.Vouch me
+  await obj.generate_v2 esc(defer(out)), {dohash:true}
+
+  verifier = alloc out.inner.obj.body.type, me
+  varg = { armored : out.armored, skip_ids : true, make_ids : true, inner : out.inner.str, expansions : out.expansions, require_packet_hash :true}
+  await verifier.verify_v2 varg, defer err
+  T.assert err?, "got an error back"
+  T.assert (err.message.indexOf(".confidence.other") >= 0), "found right error message"
+
+  cb null