From f9cf49a6113c39d506af1676b1daf2895c8dc4c9 Mon Sep 17 00:00:00 2001 From: zhangdi Date: Wed, 4 Jun 2025 15:35:15 +0800 Subject: [PATCH] =?UTF-8?q?=E7=A9=BA=E5=8F=A3=E4=BB=BF=E5=86=92=E6=8E=92?= =?UTF-8?q?=E6=9F=A5=E9=98=B2=E6=AD=A2=E8=B7=AF=E5=BE=84=E7=A9=BF=E8=B6=8A?= =?UTF-8?q?=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: zhangdi --- .../service/rdb/rdb_service_impl.cpp | 79 ++- .../service/rdb/rdb_service_impl.h | 6 + .../service/test/rdb_service_impl_test.cpp | 657 ++++++++++++++++++ 3 files changed, 732 insertions(+), 10 deletions(-) mode change 100755 => 100644 services/distributeddataservice/service/rdb/rdb_service_impl.h diff --git a/services/distributeddataservice/service/rdb/rdb_service_impl.cpp b/services/distributeddataservice/service/rdb/rdb_service_impl.cpp index 9f988905d..5ac01b1e6 100644 --- a/services/distributeddataservice/service/rdb/rdb_service_impl.cpp +++ b/services/distributeddataservice/service/rdb/rdb_service_impl.cpp @@ -72,6 +72,7 @@ using system_clock = std::chrono::system_clock; constexpr uint32_t ITERATE_TIMES = 10000; constexpr uint32_t ALLOW_ONLINE_AUTO_SYNC = 8; const size_t KEY_COUNT = 2; +constexpr int32_t VALID_PARAM_LENGTH = 2; namespace OHOS::DistributedRdb { __attribute__((used)) RdbServiceImpl::Factory RdbServiceImpl::factory_; RdbServiceImpl::Factory::Factory() @@ -344,7 +345,7 @@ void RdbServiceImpl::UpdateMeta(const StoreMetaData &meta, const StoreMetaData & int32_t RdbServiceImpl::SetDistributedTables(const RdbSyncerParam ¶m, const std::vector &tables, const std::vector &references, bool isRebuild, int32_t type) { - if (!CheckAccess(param.bundleName_, param.storeName_)) { + if (!CheckParam(param) || !CheckAccess(param.bundleName_, param.storeName_)) { ZLOGE("bundleName:%{public}s, storeName:%{public}s. Permission error", param.bundleName_.c_str(), Anonymous::Change(param.storeName_).c_str()); return RDB_ERROR; @@ -460,7 +461,7 @@ RdbServiceImpl::DetailAsync RdbServiceImpl::GetCallbacks(uint32_t tokenId, const std::pair> RdbServiceImpl::RemoteQuery(const RdbSyncerParam& param, const std::string& device, const std::string& sql, const std::vector& selectionArgs) { - if (!CheckAccess(param.bundleName_, param.storeName_)) { + if (!CheckParam(param) || !CheckAccess(param.bundleName_, param.storeName_)) { ZLOGE("bundleName:%{public}s, storeName:%{public}s. Permission error", param.bundleName_.c_str(), Anonymous::Change(param.storeName_).c_str()); return { RDB_ERROR, nullptr }; @@ -489,7 +490,7 @@ std::pair> RdbServiceImpl::R int32_t RdbServiceImpl::Sync(const RdbSyncerParam ¶m, const Option &option, const PredicatesMemo &predicates, const AsyncDetail &async) { - if (!CheckAccess(param.bundleName_, param.storeName_)) { + if (!CheckParam(param) || !CheckAccess(param.bundleName_, param.storeName_)) { ZLOGE("bundleName:%{public}s, storeName:%{public}s. Permission error", param.bundleName_.c_str(), Anonymous::Change(param.storeName_).c_str()); return RDB_ERROR; @@ -820,10 +821,69 @@ std::pair> RdbServiceImpl::AllocResource(StoreI return result; } +bool RdbServiceImpl::CheckInvalidPath(const std::string ¶m) +{ + if ((param.find("/") != std::string::npos) || (param.find("\\") != std::string::npos) || (param == "..")) { + return false; + } + return true; +} + +bool RdbServiceImpl::CheckCustomDir(const std::string &customDir, int32_t upLimit) +{ + if (customDir.empty()) { + return true; + } + if (customDir[0] == '/') { + return false; + } + std::vector components = Constant::Split(customDir, "/"); + int32_t up = 0; + for (const auto &comp : components) { + if (comp.empty() || comp == ".") { + continue; + } + if (comp != "..") { + up--; + continue; + } + if (++up > upLimit) { + return false; + } + } + return true; +} + +bool RdbServiceImpl::CheckParam(const RdbSyncerParam ¶m) +{ + if (param.storeName_.find("/") != std::string::npos) { + ZLOGE("storeName is Invalid, storeName is %{public}s.", Anonymous::Change(param.storeName_).c_str()); + return false; + } + if (!CheckInvalidPath(param.bundleName_)) { + ZLOGE("bundleName is Invalid, bundleName is %{public}s.", param.bundleName_.c_str()); + return false; + } + if (!CheckInvalidPath(param.user_)) { + ZLOGE("user is Invalid, user is %{public}s.", param.user_.c_str()); + return false; + } + if (!CheckInvalidPath(param.hapName_)) { + ZLOGE("hapName is Invalid, hapName is %{public}s.", param.hapName_.c_str()); + return false; + } + int32_t upLimit = param.hapName_.empty() ? 1 : VALID_PARAM_LENGTH; + if (!CheckCustomDir(param.customDir_, upLimit)) { + ZLOGE("customDir is Invalid, customDir is %{public}s.", Anonymous::Change(param.customDir_).c_str()); + return false; + } + return true; +} + int32_t RdbServiceImpl::BeforeOpen(RdbSyncerParam ¶m) { XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - if (!CheckAccess(param.bundleName_, param.storeName_)) { + if (!CheckParam(param) || !CheckAccess(param.bundleName_, param.storeName_)) { ZLOGE("bundleName:%{public}s, storeName:%{public}s. Permission error", param.bundleName_.c_str(), Anonymous::Change(param.storeName_).c_str()); return RDB_ERROR; @@ -870,7 +930,7 @@ void RdbServiceImpl::SaveLaunchInfo(StoreMetaData &meta) int32_t RdbServiceImpl::AfterOpen(const RdbSyncerParam ¶m) { XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - if (!CheckAccess(param.bundleName_, param.storeName_)) { + if (!CheckParam(param) || !CheckAccess(param.bundleName_, param.storeName_)) { ZLOGE("bundleName:%{public}s, storeName:%{public}s. Permission error", param.bundleName_.c_str(), Anonymous::Change(param.storeName_).c_str()); return RDB_ERROR; @@ -1113,7 +1173,6 @@ StoreMetaData RdbServiceImpl::GetStoreMetaData(const Database &dataBase) return storeMetaData; } - std::shared_ptr RdbServiceImpl::GetStore(const StoreMetaData &storeMetaData) { auto watchers = GetWatchers(storeMetaData.tokenId, storeMetaData.storeId); @@ -1370,7 +1429,7 @@ int32_t RdbServiceImpl::NotifyDataChange( const RdbSyncerParam ¶m, const RdbChangedData &rdbChangedData, const RdbNotifyConfig &rdbNotifyConfig) { XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - if (!CheckAccess(param.bundleName_, param.storeName_)) { + if (!CheckParam(param) || !CheckAccess(param.bundleName_, param.storeName_)) { ZLOGE("bundleName:%{public}s, storeName:%{public}s. Permission error", param.bundleName_.c_str(), Anonymous::Change(param.storeName_).c_str()); return RDB_ERROR; @@ -1488,7 +1547,7 @@ int32_t RdbServiceImpl::Enable(const RdbSyncerParam ¶m) int32_t RdbServiceImpl::GetPassword(const RdbSyncerParam ¶m, std::vector> &password) { - if (!CheckAccess(param.bundleName_, param.storeName_)) { + if (!CheckParam(param) || !CheckAccess(param.bundleName_, param.storeName_)) { ZLOGE("bundleName:%{public}s, storeName:%{public}s. Permission error", param.bundleName_.c_str(), Anonymous::Change(param.storeName_).c_str()); return RDB_ERROR; @@ -1574,7 +1633,7 @@ int32_t RdbServiceImpl::UnlockCloudContainer(const RdbSyncerParam ¶m) int32_t RdbServiceImpl::GetDebugInfo(const RdbSyncerParam ¶m, std::map &debugInfo) { - if (!CheckAccess(param.bundleName_, param.storeName_)) { + if (!CheckParam(param) || !CheckAccess(param.bundleName_, param.storeName_)) { ZLOGE("bundleName:%{public}s, storeName:%{public}s. Permission error", param.bundleName_.c_str(), Anonymous::Change(param.storeName_).c_str()); return RDB_ERROR; @@ -1627,7 +1686,7 @@ int32_t RdbServiceImpl::SaveDebugInfo(const StoreMetaData &metaData, const RdbSy int32_t RdbServiceImpl::GetDfxInfo(const RdbSyncerParam ¶m, DistributedRdb::RdbDfxInfo &dfxInfo) { - if (!CheckAccess(param.bundleName_, param.storeName_)) { + if (!CheckParam(param) || !CheckAccess(param.bundleName_, param.storeName_)) { ZLOGE("bundleName:%{public}s, storeName:%{public}s. Permission error", param.bundleName_.c_str(), Anonymous::Change(param.storeName_).c_str()); return RDB_ERROR; diff --git a/services/distributeddataservice/service/rdb/rdb_service_impl.h b/services/distributeddataservice/service/rdb/rdb_service_impl.h old mode 100755 new mode 100644 index 18fe8217f..096c58c21 --- a/services/distributeddataservice/service/rdb/rdb_service_impl.h +++ b/services/distributeddataservice/service/rdb/rdb_service_impl.h @@ -192,6 +192,12 @@ private: bool CheckAccess(const std::string& bundleName, const std::string& storeName); + bool CheckInvalidPath(const std::string& param); + + bool CheckCustomDir(const std::string &customDir, int32_t upLimit); + + bool CheckParam(const RdbSyncerParam ¶m); + std::shared_ptr GetStore(const RdbSyncerParam& param); std::shared_ptr GetStore(const StoreMetaData &storeMetaData); diff --git a/services/distributeddataservice/service/test/rdb_service_impl_test.cpp b/services/distributeddataservice/service/test/rdb_service_impl_test.cpp index d47d2e045..54f25eae2 100644 --- a/services/distributeddataservice/service/test/rdb_service_impl_test.cpp +++ b/services/distributeddataservice/service/test/rdb_service_impl_test.cpp @@ -262,6 +262,45 @@ HWTEST_F(RdbServiceImplTest, ObtainDistributedTableName001, TestSize.Level0) EXPECT_EQ(MetaDataManager::GetInstance().DelMeta(metaData_.GetKey(), false), true); } +/** + * @tc.name: RemoteQuery001 + * @tc.desc: test RemoteQuery, param invalid. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, RemoteQuery001, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = TEST_BUNDLE; + param.storeName_ = TEST_STORE; + param.hapName_ = "test/test"; + std::vector selectionArgs; + auto deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + auto ret = service.RemoteQuery(param, deviceId, "", selectionArgs); + EXPECT_EQ(ret.first, RDB_ERROR); + EXPECT_EQ(MetaDataManager::GetInstance().DelMeta(metaData_.GetKey(), false), true); +} + +/** + * @tc.name: RemoteQuery002 + * @tc.desc: test RemoteQuery, when CheckAccess fails. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, RemoteQuery002, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + std::vector selectionArgs; + auto deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + auto ret = service.RemoteQuery(param, deviceId, "", selectionArgs); + EXPECT_EQ(ret.first, RDB_ERROR); + EXPECT_EQ(MetaDataManager::GetInstance().DelMeta(metaData_.GetKey(), false), true); +} + /** * @tc.name: TransferStringToHex001 * @tc.desc: test TransferStringToHex, param empty. @@ -623,6 +662,100 @@ HWTEST_F(RdbServiceImplTest, OnReady002, TestSize.Level0) EXPECT_EQ(MetaDataManager::GetInstance().SaveMeta(dataBase2.GetKey(), metaData_, true), true); } +/** + * @tc.name: AfterOpen001 + * @tc.desc: Test AfterOpen when CheckParam not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, AfterOpen001, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = metaData_.bundleName; + param.storeName_ = metaData_.storeId; + param.hapName_ = "test/test"; + int32_t result = service.AfterOpen(param); + + EXPECT_EQ(result, RDB_ERROR); +} + +/** + * @tc.name: AfterOpen002 + * @tc.desc: Test AfterOpen when CheckAccess not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, AfterOpen002, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + int32_t result = service.AfterOpen(param); + + EXPECT_EQ(result, RDB_ERROR); +} + +/** + * @tc.name: AfterOpen003 + * @tc.desc: Test AfterOpen when CheckAccess pass and CheckParam pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, AfterOpen003, TestSize.Level0) +{ + EXPECT_EQ(MetaDataManager::GetInstance().SaveMeta(metaData_.GetKey(), metaData_, false), true); + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = metaData_.bundleName; + param.storeName_ = metaData_.storeId; + int32_t result = service.AfterOpen(param); + + EXPECT_EQ(result, RDB_OK); + EXPECT_EQ(MetaDataManager::GetInstance().DelMeta(metaData_.GetKey(), false), true); +} + +/** + * @tc.name: NotifyDataChange001 + * @tc.desc: Test NotifyDataChange when CheckParam not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, NotifyDataChange001, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = metaData_.bundleName; + param.storeName_ = metaData_.storeId; + param.hapName_ = "test/test"; + RdbChangedData rdbChangedData; + RdbNotifyConfig rdbNotifyConfig; + int32_t result = service.NotifyDataChange(param, rdbChangedData, rdbNotifyConfig); + + EXPECT_EQ(result, RDB_ERROR); +} + +/** + * @tc.name: NotifyDataChange002 + * @tc.desc: Test NotifyDataChange when CheckAccess not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, NotifyDataChange002, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + RdbChangedData rdbChangedData; + RdbNotifyConfig rdbNotifyConfig; + int32_t result = service.NotifyDataChange(param, rdbChangedData, rdbNotifyConfig); + + EXPECT_EQ(result, RDB_ERROR); +} + /** * @tc.name: SetSearchable001 * @tc.desc: Test SetSearchable when CheckAccess fails. @@ -805,6 +938,27 @@ HWTEST_F(RdbServiceImplTest, GetPassword005, TestSize.Level0) EXPECT_EQ(result, RDB_NO_META); } +/** + * @tc.name: GetPassword006 + * @tc.desc: Test GetPassword when CheckParam not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, GetPassword006, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = TEST_BUNDLE; + param.storeName_ = TEST_STORE; + param.hapName_ = "test/test"; + std::vector> password; + + int32_t result = service.GetPassword(param, password); + + EXPECT_EQ(result, RDB_ERROR); +} + /** * @tc.name: SetDistributedTables001 * @tc.desc: Test SetDistributedTables when CheckAccess not pass. @@ -846,6 +1000,30 @@ HWTEST_F(RdbServiceImplTest, SetDistributedTables002, TestSize.Level0) EXPECT_EQ(result, RDB_OK); } +/** + * @tc.name: SetDistributedTables003 + * @tc.desc: Test SetDistributedTables when type is search. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, SetDistributedTables003, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = TEST_BUNDLE; + param.storeName_ = TEST_STORE; + param.type_ = StoreMetaData::StoreType::STORE_RELATIONAL_BEGIN; + param.hapName_ = "test/test"; + std::vector tables; + std::vector references; + + int32_t result = + service.SetDistributedTables(param, tables, references, false, + DistributedTableType::DISTRIBUTED_SEARCH); + EXPECT_EQ(result, RDB_ERROR); +} + /** * @tc.name: Sync001 * @tc.desc: Test Sync when CheckAccess not pass. @@ -864,6 +1042,96 @@ HWTEST_F(RdbServiceImplTest, Sync001, TestSize.Level0) EXPECT_EQ(result, RDB_ERROR); } +/** + * @tc.name: Sync002 + * @tc.desc: Test Sync when CheckParam not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, Sync002, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = TEST_BUNDLE; + param.storeName_ = TEST_STORE; + param.hapName_ = "test/test"; + RdbService::Option option {}; + PredicatesMemo predicates; + + int32_t result = service.Sync(param, option, predicates, nullptr); + EXPECT_EQ(result, RDB_ERROR); +} + +/** + * @tc.name: BeforeOpen001 + * @tc.desc: Test BeforeOpen when CheckParam not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, BeforeOpen001, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = TEST_BUNDLE; + param.storeName_ = TEST_STORE; + param.hapName_ = "test/test"; + int32_t result = service.BeforeOpen(param); + EXPECT_EQ(result, RDB_ERROR); +} + +/** + * @tc.name: BeforeOpen002 + * @tc.desc: Test BeforeOpen when checkacess not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, BeforeOpen002, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + int32_t result = service.BeforeOpen(param); + EXPECT_EQ(result, RDB_ERROR); +} + +/** + * @tc.name: BeforeOpen003 + * @tc.desc: Test BeforeOpen when checkacess pass and CheckParam pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, BeforeOpen003, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = TEST_BUNDLE; + param.storeName_ = TEST_STORE; + int32_t result = service.BeforeOpen(param); + EXPECT_EQ(result, RDB_NO_META); +} + +/** + * @tc.name: BeforeOpen004 + * @tc.desc: Test BeforeOpen when checkacess pass and CheckParam pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, BeforeOpen004, TestSize.Level0) +{ + EXPECT_EQ(MetaDataManager::GetInstance().SaveMeta(metaData_.GetKey(), metaData_, true), true); + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = TEST_BUNDLE; + param.storeName_ = TEST_STORE; + int32_t result = service.BeforeOpen(param); + EXPECT_EQ(result, RDB_OK); + EXPECT_EQ(MetaDataManager::GetInstance().DelMeta(metaData_.GetKey(), true), true); +} + /** * @tc.name: Subscribe001 * @tc.desc: Test Subscribe when option mode invalid. @@ -944,6 +1212,86 @@ HWTEST_F(RdbServiceImplTest, GetDfxInfo001, TestSize.Level0) int32_t result = service.GetDfxInfo(param, dfxInfo); EXPECT_EQ(result, RDB_ERROR); } + +/** + * @tc.name: GetDfxInfo002 + * @tc.desc: Test GetDfxInfo when CheckParam not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, GetDfxInfo002, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = TEST_BUNDLE; + param.storeName_ = TEST_STORE; + param.hapName_ = "test/test"; + DistributedRdb::RdbDfxInfo dfxInfo; + int32_t result = service.GetDfxInfo(param, dfxInfo); + EXPECT_EQ(result, RDB_ERROR); +} + +/** + * @tc.name: GetDfxInfo003 + * @tc.desc: Test GetDfxInfo when CheckParam not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, GetDfxInfo003, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = TEST_BUNDLE; + param.storeName_ = TEST_STORE; + DistributedRdb::RdbDfxInfo dfxInfo; + int32_t result = service.GetDfxInfo(param, dfxInfo); + EXPECT_EQ(result, RDB_OK); +} + +/** + * @tc.name: GetDfxInfo004 + * @tc.desc: Test GetDfxInfo when CheckParam not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, GetDfxInfo004, TestSize.Level0) +{ + EXPECT_EQ(MetaDataManager::GetInstance().SaveMeta(metaData_.GetKey(), metaData_, false), true); + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = TEST_BUNDLE; + param.storeName_ = TEST_STORE; + DistributedRdb::RdbDfxInfo dfxInfo; + int32_t result = service.GetDfxInfo(param, dfxInfo); + EXPECT_EQ(result, RDB_OK); + EXPECT_EQ(MetaDataManager::GetInstance().DelMeta(metaData_.GetKey(), false), true); +} + +/** + * @tc.name: GetDfxInfo005 + * @tc.desc: Test GetDfxInfo when CheckParam not pass. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, GetDfxInfo005, TestSize.Level0) +{ + EXPECT_EQ(MetaDataManager::GetInstance().SaveMeta(metaData_.GetKey(), metaData_, false), true); + EXPECT_EQ(MetaDataManager::GetInstance().SaveMeta(metaData_.GetDfxInfoKey(), metaData_, false), true); + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = TEST_BUNDLE; + param.storeName_ = TEST_STORE; + DistributedRdb::RdbDfxInfo dfxInfo; + int32_t result = service.GetDfxInfo(param, dfxInfo); + EXPECT_EQ(result, RDB_OK); + EXPECT_EQ(MetaDataManager::GetInstance().DelMeta(metaData_.GetKey(), false), true); + EXPECT_EQ(MetaDataManager::GetInstance().DelMeta(metaData_.GetDfxInfoKey(), false), true); +} + /** * @tc.name: LockCloudContainer001 * @tc.desc: Test LockCloudContainer when CheckAccess fails. @@ -1047,6 +1395,28 @@ HWTEST_F(RdbServiceImplTest, GetDebugInfo001, TestSize.Level0) EXPECT_TRUE(debugInfo.empty()); } +/** + * @tc.name: GetDebugInfo002 + * @tc.desc: Test GetDebugInfo when CheckSyncParam fails. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zhaojh + */ +HWTEST_F(RdbServiceImplTest, GetDebugInfo002, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = metaData_.bundleName; + param.storeName_ = metaData_.storeId; + param.hapName_ = "test/test"; + std::map debugInfo; + + int32_t result = service.GetDebugInfo(param, debugInfo); + + EXPECT_EQ(result, RDB_ERROR); + EXPECT_TRUE(debugInfo.empty()); +} + /** * @tc.name: VerifyPromiseInfo001 * @tc.desc: Test VerifyPromiseInfo when LoadMeta fails. @@ -1102,5 +1472,292 @@ HWTEST_F(RdbServiceImplTest, VerifyPromiseInfo002, TestSize.Level0) EXPECT_EQ(MetaDataManager::GetInstance().DelMeta(metaData_.GetKeyLocal(), true), true); } + +/** + * @tc.name: CheckParam001 + * @tc.desc: Test VerifyPromiseInfo when bundleName_ contain '/'. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, CheckParam001, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = "test/test"; + param.hapName_ = "test"; + param.storeName_ = "test"; + param.user_ = "test"; + param.customDir_ = "test"; + + bool result = service.CheckParam(param); + + EXPECT_EQ(result, false); + param.bundleName_ = ".."; + + result = service.CheckParam(param); + + EXPECT_EQ(result, false); + + param.bundleName_ = "test\\..test"; + + result = service.CheckParam(param); + + EXPECT_EQ(result, false); +} + +/** + * @tc.name: CheckParam002 + * @tc.desc: Test VerifyPromiseInfo when hapName_ contain '/'. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, CheckParam002, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = "test"; + param.hapName_ = "test/test"; + param.storeName_ = "test"; + param.user_ = "test"; + param.customDir_ = "test"; + + bool result = service.CheckParam(param); + + EXPECT_EQ(result, false); + param.hapName_ = ".."; + + result = service.CheckParam(param); + + EXPECT_EQ(result, false); + + param.hapName_ = "test\\..test"; + + result = service.CheckParam(param); + + EXPECT_EQ(result, false); +} + +/** + * @tc.name: CheckParam003 + * @tc.desc: Test CheckParam when user_ contain '/'. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, CheckParam003, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = "test"; + param.hapName_ = "test"; + param.storeName_ = "test"; + param.user_ = "test/test"; + param.customDir_ = "test"; + + bool result = service.CheckParam(param); + + EXPECT_EQ(result, false); + + param.user_ = ".."; + + result = service.CheckParam(param); + + EXPECT_EQ(result, false); + param.user_ = "test\\..test"; + + result = service.CheckParam(param); + + EXPECT_EQ(result, false); +} + +/** + * @tc.name: CheckParam004 + * @tc.desc: Test CheckParam. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, CheckParam004, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = "test"; + param.hapName_ = "test"; + param.storeName_ = "test"; + param.user_ = "test"; + param.customDir_ = "test"; + + bool result = service.CheckParam(param); + + EXPECT_EQ(result, true); +} + +/** + * @tc.name: CheckParam005 + * @tc.desc: Test VerifyPromiseInfo when storename contain '/'. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, CheckParam005, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = "test"; + param.hapName_ = "test"; + param.storeName_ = "test/test"; + param.user_ = "test"; + param.customDir_ = "test"; + + bool result = service.CheckParam(param); + + EXPECT_EQ(result, false); +} + +/** + * @tc.name: CheckParam006 + * @tc.desc: Test VerifyPromiseInfo when customDir is invalid. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, CheckParam006, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = "test"; + param.hapName_ = "test"; + param.storeName_ = "test"; + param.user_ = "test"; + param.customDir_ = "test/../../test/../../../"; + bool result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/../test/../../../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/../../../test/../../../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/./../../test/../../../../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/.../../../test/../../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, true); + + param.customDir_ = "test/test/../../../test/test/../test/../../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, true); + + param.customDir_ = "test/test/../../../../../test/test/test/"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = ""; + result = service.CheckParam(param); + EXPECT_EQ(result, true); + + param.customDir_ = "/test"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test//////////////////..///////../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, true); + + param.customDir_ = "test/..//////////////////..///////../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/..//////////////////..///////../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/..////./././///////////..///////../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/..////./././//////////////////../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, true); +} + +/** + * @tc.name: CheckParam007 + * @tc.desc: Test VerifyPromiseInfo when customDir is invalid and hapname is empty. + * @tc.type: FUNC + * @tc.require: + * @tc.author: zd + */ +HWTEST_F(RdbServiceImplTest, CheckParam007, TestSize.Level0) +{ + RdbServiceImpl service; + RdbSyncerParam param; + param.bundleName_ = "test"; + param.hapName_ = ""; + param.storeName_ = "test"; + param.user_ = "test"; + param.customDir_ = "test/../../test/../../../"; + bool result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/../test/../../../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/../../../test/../../../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/../../../test/../../../../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/.../../test/../"; + result = service.CheckParam(param); + EXPECT_EQ(result, true); + + param.customDir_ = "test/test/../../../test/test/../test/../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, true); + + param.customDir_ = "test/test/../../../../../test/test/test/"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = ""; + result = service.CheckParam(param); + EXPECT_EQ(result, true); + + param.customDir_ = "/test"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test//////////////////..///////../"; + result = service.CheckParam(param); + EXPECT_EQ(result, true); + + param.customDir_ = "test/..//////////////////..///////../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/..//////////////////..///////../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/..////./././///////////..///////../../"; + result = service.CheckParam(param); + EXPECT_EQ(result, false); + + param.customDir_ = "test/..////./././///////////////////../"; + result = service.CheckParam(param); + EXPECT_EQ(result, true); +} } // namespace DistributedRDBTest } // namespace OHOS::Test \ No newline at end of file -- Gitee