jimeh/ozu.io
1
0
Fork 0
mirror of https://github.com/jimeh/ozu.io.git synced 2026-02-19 08:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Validate UIDs on Lookup

Browse Source
This commit is contained in:
Jim Myhrberg
2016-07-17 16:36:59 +01:00
parent 4669c1961a
commit 5065c3178d
2 changed files with 17 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
shortener/base58_shortener.go
View File

@@ -2,6 +2,7 @@ package shortener
import (
"crypto/sha1"
"errors"
"fmt"
"github.com/jimeh/go-base58"
@@ -10,6 +11,7 @@ import (
var urlKeyPrefix = []byte("url:")
var uidKeyPrefix = []byte("uid:")
var errInvalidUID = errors.New("invalid UID")
// NewBase58 returns a new *Base58Shortner that uses the given storage.Store.
func NewBase58(store storage.Store) *Base58Shortener {
@@ -58,6 +60,11 @@ func (s *Base58Shortener) Shorten(rawURL []byte) (uid []byte, url []byte, err er
// Lookup the URL of a given UID.
func (s *Base58Shortener) Lookup(uid []byte) ([]byte, error) {
_, err := base58.Decode(uid)
if err != nil {
return nil, errInvalidUID
}
uidKey := s.makeUIDKey(uid)
url, err := s.Store.Get(uidKey)

10
shortener/base58_shortener_test.go
View File

@@ -138,6 +138,16 @@ func (s *Base58ShortenerSuite) TestLookupNonExistant() {
s.store.AssertExpectations(s.T())
}
func (s *Base58ShortenerSuite) TestLookupInvalid() {
uid := []byte("ig\"; drop table haha")
rURL, err := s.shortener.Lookup(uid)
s.EqualError(err, "invalid UID")
s.Nil(rURL)
s.store.AssertExpectations(s.T())
}
// Run Suite
func TestShortenerSuite(t *testing.T) {