You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by va...@apache.org on 2020/09/09 19:13:00 UTC

[couchdb] branch 3.x updated: Handle malformed URLs when stripping URL creds in couch_replicator

This is an automated email from the ASF dual-hosted git repository.

vatamane pushed a commit to branch 3.x
in repository https://gitbox.apache.org/repos/asf/couchdb.git


The following commit(s) were added to refs/heads/3.x by this push:
     new e171c63  Handle malformed URLs when stripping URL creds in couch_replicator
e171c63 is described below

commit e171c63591fb948a1da666e3321f7622a2978df0
Author: Nick Vatamaniuc <va...@apache.org>
AuthorDate: Wed Sep 9 13:21:17 2020 -0400

    Handle malformed URLs when stripping URL creds in couch_replicator
    
    Previously there was an error thrown which prevented emitting _scheduler/docs
    responses. Instead of throwing an error, return `null` if the URL cannot be
    parsed.
---
 src/couch_replicator/src/couch_replicator.erl | 28 +++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/src/couch_replicator/src/couch_replicator.erl b/src/couch_replicator/src/couch_replicator.erl
index b38f31b..b169dcc 100644
--- a/src/couch_replicator/src/couch_replicator.erl
+++ b/src/couch_replicator/src/couch_replicator.erl
@@ -141,7 +141,11 @@ strip_url_creds(Endpoint) ->
                 iolist_to_binary(couch_util:url_strip_password(Url))
     catch
         throw:{error, local_endpoints_not_supported} ->
-            Endpoint
+            Endpoint;
+        error:_ ->
+            % Avoid exposing any part of the URL in case there is a password in
+            % the malformed endpoint URL
+            null
     end.
 
 
@@ -356,7 +360,8 @@ strip_url_creds_test_() ->
         [
             t_strip_http_basic_creds(),
             t_strip_http_props_creds(),
-            t_strip_local_db_creds()
+            t_strip_local_db_creds(),
+            t_strip_url_creds_errors()
         ]
     }.
 
@@ -389,4 +394,23 @@ t_strip_http_props_creds() ->
         ?assertEqual(<<"http://host/db/">>, strip_url_creds(Props2))
     end).
 
+
+t_strip_url_creds_errors() ->
+    ?_test(begin
+        Bad1 = {[{<<"url">>, <<"http://adm:pass/bad">>}]},
+        ?assertEqual(null, strip_url_creds(Bad1)),
+        Bad2 = {[{<<"garbage">>, <<"more garbage">>}]},
+        ?assertEqual(null, strip_url_creds(Bad2)),
+        Bad3 = <<"http://a:b:c">>,
+        ?assertEqual(null, strip_url_creds(Bad3)),
+        Bad4 = <<"http://adm:pass:pass/bad">>,
+        ?assertEqual(null, strip_url_creds(Bad4)),
+        ?assertEqual(null, strip_url_creds(null)),
+        ?assertEqual(null, strip_url_creds(42)),
+        ?assertEqual(null, strip_url_creds([<<"a">>, <<"b">>])),
+        Bad5 = {[{<<"source_proxy">>, <<"http://adm:pass/bad">>}]},
+        ?assertEqual(null, strip_url_creds(Bad5))
+    end).
+
+
 -endif.