Permalink
Browse files

Add checks in NTriples/NQuads readers if validating to ensure URIs ar…

…e absolute and statements are properly terminated.
  • Loading branch information...
1 parent 6984bae commit d9d92083abb4146ae37b781b5fa2dd44d93ea0d5 @gkellogg gkellogg committed Mar 22, 2013
Showing with 31 additions and 0 deletions.
  1. +3 −0 lib/rdf/nquads.rb
  2. +12 −0 lib/rdf/ntriples/reader.rb
  3. +16 −0 spec/ntriples_spec.rb
View
3 lib/rdf/nquads.rb
@@ -79,6 +79,9 @@ def read_triple
predicate = read_uriref(:intern => true) || fail_predicate
object = read_uriref || read_node || read_literal || fail_object
context = read_uriref || read_node || read_literal
+ if validate? && !read_eos
+ raise RDF::ReaderError, "expected end of statement in line #{lineno}: #{current_line.inspect}"
+ end
return [subject, predicate, object, {:context => context}]
end
rescue RDF::ReaderError => e
View
12 lib/rdf/ntriples/reader.rb
@@ -126,6 +126,7 @@ class Reader < RDF::Reader
SUBJECT = Regexp.union(URIREF, NODEID).freeze
PREDICATE = Regexp.union(URIREF).freeze
OBJECT = Regexp.union(URIREF, NODEID, LITERAL).freeze
+ END_OF_STATEMENT = /^\s*\.\s*$/.freeze
##
# Reconstructs an RDF value from its serialized N-Triples
@@ -255,6 +256,9 @@ def read_triple
subject = read_uriref || read_node || fail_subject
predicate = read_uriref(:intern => true) || fail_predicate
object = read_uriref || read_node || read_literal || fail_object
+ if validate? && !read_eos
+ raise RDF::ReaderError, "expected end of statement in line #{lineno}: #{current_line.inspect}"
+ end
return [subject, predicate, object]
end
rescue RDF::ReaderError => e
@@ -279,6 +283,7 @@ def read_uriref(options = {})
uri_str = self.class.unescape(uri_str)
uri = RDF::URI.send(intern? && options[:intern] ? :intern : :new, uri_str)
uri.validate! if validate?
+ raise RDF::ReaderError, "uri not absolute" if validate? && !uri.absolute?
uri.canonicalize! if canonicalize?
uri
end
@@ -313,5 +318,12 @@ def read_literal
literal
end
end
+
+ ##
+ # @return [Boolean]
+ # @see http://www.w3.org/TR/rdf-testcases/#ntrip_grammar (triple)
+ def read_eos
+ match(END_OF_STATEMENT)
+ end
end # Reader
end # RDF::NTriples
View
16 spec/ntriples_spec.rb
@@ -467,6 +467,22 @@
end
end
end
+
+ context "with invalid input" do
+ {
+ "nt-syntax-bad-struct-01" => %q(<http://example/s> <http://example/p> <http://example/o>, <http://example/o2> .),
+ "nt-syntax-bad-struct-02" => %q(<http://example/s> <http://example/p> <http://example/o>; <http://example/p2>, <http://example/o2> .),
+ "nt-syntax-bad-lang-01" => %q(<http://example/s> <http://example/p> "string"@1 .),
+ "nt-syntax-bad-string-05" => %q(<http://example/s> <http://example/p> """abc""" .),
+ "nt-syntax-bad-num-01" => %q(<http://example/s> <http://example/p> 1 .),
+ "nt-syntax-bad-num-02" => %q(<http://example/s> <http://example/p> 1.0 .),
+ "nt-syntax-bad-num-03" => %q(<http://example/s> <http://example/p> 1.0e0 .),
+ }.each do |name, nt|
+ it name do
+ lambda {@reader.new(nt, :validate => true).to_a}.should raise_error(RDF::ReaderError)
+ end
+ end
+ end
end
context "when writing" do

0 comments on commit d9d9208

Please sign in to comment.