Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Do not accept pattern_type from user input in push rules #15088

Merged
merged 12 commits into from
Feb 28, 2023
Merged

Do not accept pattern_type from user input in push rules #15088

Changes from 1 commit
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
da01885
Add a (failing) test.
clokep Feb 16, 2023
4ce3786
Separate the pattern vs. pattern_type for event_match.
clokep Feb 16, 2023
e8b9709
Share some duplicated code.
clokep Feb 16, 2023
12cf8be
Separate pattern vs. pattern_type for related_event_match.
clokep Feb 16, 2023
828c1e5
Use an enum instead of magic values.
clokep Feb 21, 2023
546acb9
Newsfragment
clokep Feb 16, 2023
c150670
Remove unneeded clones.
clokep Feb 24, 2023
e9e1a87
Reformat return type of match_related_event_match.
clokep Feb 24, 2023
e47d971
Merge remote-tracking branch 'origin/develop' into clokep/push-rule-p…
clokep Feb 24, 2023
6f23bbb
Remove print statement.
clokep Feb 28, 2023
d9d927a
Add more tests.
clokep Feb 28, 2023
b03ee1f
Merge remote-tracking branch 'origin/develop' into clokep/push-rule-p…
clokep Feb 28, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
37 changes: 14 additions & 23 deletions rust/src/push/evaluator.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -256,9 +256,11 @@ impl PushRuleEvaluator {
};

let result = match known_condition {
KnownCondition::EventMatch(event_match) => {
self.match_event_match(&event_match.key.clone(), &event_match.pattern.clone())?
}
KnownCondition::EventMatch(event_match) => self.match_event_match(
&self.flattened_keys,
clokep marked this conversation as resolved.
Show resolved Hide resolved
&event_match.key.clone(),
clokep marked this conversation as resolved.
Show resolved Hide resolved
&event_match.pattern.clone(),
)?,
KnownCondition::EventMatchType(event_match) => {
// The `pattern_type` can either be "user_id" or "user_localpart",
// either way if we don't have a `user_id` then the condition can't
Expand All @@ -275,7 +277,7 @@ impl PushRuleEvaluator {
_ => return Ok(false),
};

self.match_event_match(&event_match.key.clone(), pattern)?
self.match_event_match(&self.flattened_keys, &event_match.key.clone(), pattern)?
}
KnownCondition::ExactEventMatch(exact_event_match) => {
self.match_exact_event_match(exact_event_match)?
Expand Down Expand Up @@ -341,9 +343,14 @@ impl PushRuleEvaluator {
}

/// Evaluates a `event_match` condition.
fn match_event_match(&self, key: &str, pattern: &str) -> Result<bool, Error> {
fn match_event_match(
&self,
flattened_event: &BTreeMap<String, JsonValue>,
key: &str,
pattern: &str,
clokep marked this conversation as resolved.
Show resolved Hide resolved
) -> Result<bool, Error> {
let haystack = if let Some(JsonValue::Value(SimpleJsonValue::Str(haystack))) =
self.flattened_keys.get(&*key)
flattened_event.get(key)
{
haystack
} else {
Expand Down Expand Up @@ -440,23 +447,7 @@ impl PushRuleEvaluator {
return Ok(false);
};

let haystack =
if let Some(JsonValue::Value(SimpleJsonValue::Str(haystack))) = event.get(&**key) {
haystack
} else {
return Ok(false);
};

// For the content.body we match against "words", but for everything
// else we match against the entire value.
let match_type = if key == "content.body" {
GlobMatchType::Word
} else {
GlobMatchType::Whole
};

let mut compiled_pattern = get_glob_matcher(pattern, match_type)?;
compiled_pattern.is_match(haystack)
self.match_event_match(event, key, pattern)
}

/// Evaluates a `exact_event_property_contains` condition. (MSC3758)
Expand Down