couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j..@apache.org
Subject [couchdb] 05/07: Respond with HTTP 400 Bad Request on invalid revision number
Date Wed, 01 Nov 2017 07:03:01 GMT
This is an automated email from the ASF dual-hosted git repository.

jan pushed a commit to branch 1.x.x
in repository https://gitbox.apache.org/repos/asf/couchdb.git

commit d65a5e8c9a8c850fa8ae784c7f6b420aaa1670eb
Author: Alexander Shorin <kxepal@apache.org>
AuthorDate: Fri Oct 10 22:00:03 2014 +0400

    Respond with HTTP 400 Bad Request on invalid revision number
    
    CouchDB should return HTTP 400 instead of HTTP 500 response
    when revision number isn't integer like "foo-bar" as like as it does
    for completely invalid revisions like "foo".
    
    COUCHDB-2375
---
 share/doc/src/whatsnew/1.7.rst   |  1 +
 src/couchdb/couch_doc.erl        |  8 +++++++-
 test/couchdb/Makefile.am         |  1 +
 test/couchdb/couch_doc_tests.erl | 22 ++++++++++++++++++++++
 4 files changed, 31 insertions(+), 1 deletion(-)

diff --git a/share/doc/src/whatsnew/1.7.rst b/share/doc/src/whatsnew/1.7.rst
index ff77a9e..51e2ec1 100644
--- a/share/doc/src/whatsnew/1.7.rst
+++ b/share/doc/src/whatsnew/1.7.rst
@@ -30,6 +30,7 @@ API Changes
 
 - :issue:`1356`: Return username on :http:post:`/_session`.
 - :issue:`1876`: Fix duplicated Content-Type for show/update functions.
+- :issue:`2375`: :statuscode:`400` returned when invalid revision specified.
 - :issue:`2845`: :statuscode:`400` returned when `revs` is not a list.
 
 Build
diff --git a/src/couchdb/couch_doc.erl b/src/couchdb/couch_doc.erl
index d4386a1..ce0ad4b 100644
--- a/src/couchdb/couch_doc.erl
+++ b/src/couchdb/couch_doc.erl
@@ -176,7 +176,13 @@ parse_rev(Rev) when is_binary(Rev) ->
 parse_rev(Rev) when is_list(Rev) ->
     SplitRev = lists:splitwith(fun($-) -> false; (_) -> true end, Rev),
     case SplitRev of
-        {Pos, [$- | RevId]} -> {list_to_integer(Pos), parse_revid(RevId)};
+        {Pos, [$- | RevId]} ->
+            IntPos = try list_to_integer(Pos) of
+                Val -> Val
+            catch
+                error:badarg -> throw({bad_request, <<"Invalid rev format">>})
+            end,
+            {IntPos, parse_revid(RevId)};
         _Else -> throw({bad_request, <<"Invalid rev format">>})
     end;
 parse_rev(_BadRev) ->
diff --git a/test/couchdb/Makefile.am b/test/couchdb/Makefile.am
index 43e3747..b724720 100644
--- a/test/couchdb/Makefile.am
+++ b/test/couchdb/Makefile.am
@@ -31,6 +31,7 @@ eunit_files = \
     couch_config_tests.erl \
     couch_db_tests.erl \
     couch_doc_json_tests.erl \
+    couch_doc_tests.erl \
     couch_file_tests.erl \
     couch_key_tree_tests.erl \
     couch_passwords_tests.erl \
diff --git a/test/couchdb/couch_doc_tests.erl b/test/couchdb/couch_doc_tests.erl
new file mode 100644
index 0000000..16eef72
--- /dev/null
+++ b/test/couchdb/couch_doc_tests.erl
@@ -0,0 +1,22 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+%   http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+-module(couch_doc_tests).
+
+-include("couch_eunit.hrl").
+
+
+parse_rev_test() ->
+    ?assertEqual({1, <<"123">>}, couch_doc:parse_rev("1-123")),
+    ?assertEqual({1, <<"123">>}, couch_doc:parse_rev(<<"1-123">>)),
+    ?assertException(throw, {bad_request, _}, couch_doc:parse_rev("1f-123")),
+    ?assertException(throw, {bad_request, _}, couch_doc:parse_rev("bar")).

-- 
To stop receiving notification emails like this one, please contact
"commits@couchdb.apache.org" <commits@couchdb.apache.org>.

Mime
View raw message