From 32af2cb0141dade105ec9b483d0dbb3599306c3b Mon Sep 17 00:00:00 2001 From: z30053452 Date: Mon, 14 Jul 2025 15:29:22 +0800 Subject: [PATCH 01/21] bug fix Signed-off-by: z30053452 --- .../service/kvdb/kvdb_service_impl.cpp | 13 +++++++++++++ .../service/kvdb/kvdb_service_impl.h | 1 + 2 files changed, 14 insertions(+) diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp index 06373b517..f66259805 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp @@ -702,6 +702,11 @@ Status KVDBServiceImpl::BeforeCreate(const AppId &appId, const StoreId &storeId, { ZLOGD("appId:%{public}s storeId:%{public}s to export data", appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str()); + if (!IsValidPath(storeId) || !IsValidPath(appId)) { + ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), + Anonymous::Change(storeId.storeId).c_str()); + return false; + } StoreMetaData meta = GetStoreMetaData(appId, storeId, options.subUser); AddOptions(options, meta); @@ -1584,4 +1589,12 @@ std::string KVDBServiceImpl::GenerateKey(const std::string &userId, const std::s } return key.append(userId).append(KEY_SEPARATOR).append(storeId); } + +bool RdbServiceImpl::IsValidPath(const std::string ¶m) +{ + if ((param.find("/") != std::string::npos) || (param.find("\\") != std::string::npos) || (param == "..")) { + return false; + } + return true; +} } // namespace OHOS::DistributedKv \ No newline at end of file diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_impl.h b/services/distributeddataservice/service/kvdb/kvdb_service_impl.h index dd185700d..6ebf7f85d 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_impl.h +++ b/services/distributeddataservice/service/kvdb/kvdb_service_impl.h @@ -166,6 +166,7 @@ private: std::string GenerateKey(const std::string &userId, const std::string &storeId) const; std::vector LoadSecretKey(const StoreMetaData &metaData, CryptoManager::SecretKeyType secretKeyType); void SaveSecretKeyMeta(const StoreMetaData &metaData, const std::vector &password); + static bool IsValidPath(const std::string& param); static Factory factory_; ConcurrentMap syncAgents_; std::shared_ptr executors_; -- Gitee From 5376f580b0ef3d0e755eeeecd29b39bcff0f5f92 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Mon, 14 Jul 2025 15:47:18 +0800 Subject: [PATCH 02/21] code fix Signed-off-by: z30053452 --- .../service/test/kvdb_service_impl_test.cpp | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp index bc4c17a96..c6c1d512c 100644 --- a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp @@ -1555,5 +1555,35 @@ HWTEST_F(KvdbServiceImplTest, SubscribeSwitchData, TestSize.Level0) status = kvdbServiceImpl_->UnregServiceNotifier(appId); ASSERT_EQ(status, Status::SUCCESS); } + +/** +* @tc.name: IsValidPath001 +* @tc.desc: IsValidPath function test. +* @tc.type: FUNC +*/ +HWTEST_F(KvdbServiceImplTest, IsValidPath001, TestSize.Level0) +{ + EXPECT_TRUE(rdbService.IsValidPath("validpath")); + EXPECT_TRUE(rdbService.IsValidPath("another_valid_path")); + EXPECT_TRUE(rdbService.IsValidPath("file123")); +} + +/** +* @tc.name: IsValidPath002 +* @tc.desc: IsValidPath function test. +* @tc.type: FUNC +*/ +HWTEST_F(KvdbServiceImplTest, IsValidPath002, TestSize.Level0) +{ + EXPECT_FALSE(rdbService.IsValidPath("path/with/forward/slash")); + EXPECT_FALSE(rdbService.IsValidPath("/starting/slash")); + EXPECT_FALSE(rdbService.IsValidPath("ending/slash/")); + EXPECT_FALSE(rdbService.IsValidPath("path\\with\\backslash")); + EXPECT_FALSE(rdbService.IsValidPath("\\starting\\backslash")); + EXPECT_FALSE(rdbService.IsValidPath("ending\\backslash\\")); + EXPECT_FALSE(rdbService.IsValidPath("..")); + EXPECT_FALSE(rdbService.IsValidPath("path/with\\mixed/slashes")); + EXPECT_FALSE(rdbService.IsValidPath("path\\with/mixed\\slashes")); +} } // namespace DistributedDataTest } // namespace OHOS::Test -- Gitee From 9ea2a98789ad2109e515ad3b0b72db7d8652f863 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Mon, 14 Jul 2025 16:16:36 +0800 Subject: [PATCH 03/21] code fix Signed-off-by: z30053452 --- .../service/test/kvdb_service_impl_test.cpp | 62 +++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp index c6c1d512c..7731f35f6 100644 --- a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp @@ -995,6 +995,68 @@ HWTEST_F(KvdbServiceImplTest, BeforeCreateTest001, TestSize.Level0) ASSERT_EQ(status, Status::SUCCESS); } +/** +* @tc.name: BeforeCreateTest002 +* @tc.desc: BeforeCreate test +* @tc.type: FUNC +*/ +HWTEST_F(KvdbServiceImplTest, BeforeCreateTest002, TestSize.Level0) +{ + OHOS::DistributedKv::StoreId storeId1 = { "\\kvdb_test_storeid" }; + OHOS::DistributedKv::AppId appId1 = { "/ohos.test.kvdb" }; + Status status1 = manager.GetSingleKvStore(create, appId1, storeId1, kvStore); + ASSERT_NE(kvStore, nullptr); + ASSERT_EQ(status1, Status::SUCCESS); + Options creates; + creates.createIfMissing = true; + creates.encrypt = false; + creates.securityLevel = OHOS::DistributedKv::S1; + creates.autoSync = true; + creates.kvStoreType = OHOS::DistributedKv::SINGLE_VERSION; + creates.area = OHOS::DistributedKv::EL1; + creates.baseDir = std::string("/data/service/el1/public/database/") + appId1.appId; + creates.cloudConfig.enableCloud = true; + kvdbServiceImpl_->executors_ = std::make_shared(1, 1); + EXPECT_CALL(*metaDataManagerMock, LoadMeta(testing::_, testing::_, testing::_)) + .WillOnce(testing::Return(false)) + .WillRepeatedly(testing::Return(false)); + auto status = kvdbServiceImpl_->BeforeCreate(appId1, storeId1, creates); + ASSERT_NE(status, Status::STORE_META_CHANGED); + kvdbServiceImpl_->executors_ = nullptr; + ASSERT_EQ(status, Status::SUCCESS); +} + +/** +* @tc.name: BeforeCreateTest003 +* @tc.desc: BeforeCreate test +* @tc.type: FUNC +*/ +HWTEST_F(KvdbServiceImplTest, BeforeCreateTest003, TestSize.Level0) +{ + OHOS::DistributedKv::StoreId storeId1 = { "../kvdb_test_storeid" }; + OHOS::DistributedKv::AppId appId1 = { "ohos.test.kvdb" }; + Status status1 = manager.GetSingleKvStore(create, appId1, storeId1, kvStore); + ASSERT_NE(kvStore, nullptr); + ASSERT_EQ(status1, Status::SUCCESS); + Options creates; + creates.createIfMissing = true; + creates.encrypt = false; + creates.securityLevel = OHOS::DistributedKv::S1; + creates.autoSync = true; + creates.kvStoreType = OHOS::DistributedKv::SINGLE_VERSION; + creates.area = OHOS::DistributedKv::EL1; + creates.baseDir = std::string("/data/service/el1/public/database/") + appId1.appId; + creates.cloudConfig.enableCloud = true; + kvdbServiceImpl_->executors_ = std::make_shared(1, 1); + EXPECT_CALL(*metaDataManagerMock, LoadMeta(testing::_, testing::_, testing::_)) + .WillOnce(testing::Return(false)) + .WillRepeatedly(testing::Return(false)); + auto status = kvdbServiceImpl_->BeforeCreate(appId1, storeId1, creates); + ASSERT_NE(status, Status::STORE_META_CHANGED); + kvdbServiceImpl_->executors_ = nullptr; + ASSERT_EQ(status, Status::SUCCESS); +} + /** * @tc.name: AfterCreateTest001 * @tc.desc: AfterCreate test -- Gitee From 698ccc09b4e1d37da635d6d54ec9bb092f0ddb9d Mon Sep 17 00:00:00 2001 From: z30053452 Date: Mon, 14 Jul 2025 16:37:51 +0800 Subject: [PATCH 04/21] code fix Signed-off-by: z30053452 --- .../service/kvdb/kvdb_service_impl.cpp | 2 +- .../service/test/kvdb_service_impl_test.cpp | 24 +++++++++---------- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp index f66259805..777c1d633 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp @@ -705,7 +705,7 @@ Status KVDBServiceImpl::BeforeCreate(const AppId &appId, const StoreId &storeId, if (!IsValidPath(storeId) || !IsValidPath(appId)) { ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str()); - return false; + return INVALID_ARGUMENT; } StoreMetaData meta = GetStoreMetaData(appId, storeId, options.subUser); AddOptions(options, meta); diff --git a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp index 7731f35f6..71f8df25c 100644 --- a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp @@ -1625,9 +1625,9 @@ HWTEST_F(KvdbServiceImplTest, SubscribeSwitchData, TestSize.Level0) */ HWTEST_F(KvdbServiceImplTest, IsValidPath001, TestSize.Level0) { - EXPECT_TRUE(rdbService.IsValidPath("validpath")); - EXPECT_TRUE(rdbService.IsValidPath("another_valid_path")); - EXPECT_TRUE(rdbService.IsValidPath("file123")); + EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("validpath")); + EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("another_valid_path")); + EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("file123")); } /** @@ -1637,15 +1637,15 @@ HWTEST_F(KvdbServiceImplTest, IsValidPath001, TestSize.Level0) */ HWTEST_F(KvdbServiceImplTest, IsValidPath002, TestSize.Level0) { - EXPECT_FALSE(rdbService.IsValidPath("path/with/forward/slash")); - EXPECT_FALSE(rdbService.IsValidPath("/starting/slash")); - EXPECT_FALSE(rdbService.IsValidPath("ending/slash/")); - EXPECT_FALSE(rdbService.IsValidPath("path\\with\\backslash")); - EXPECT_FALSE(rdbService.IsValidPath("\\starting\\backslash")); - EXPECT_FALSE(rdbService.IsValidPath("ending\\backslash\\")); - EXPECT_FALSE(rdbService.IsValidPath("..")); - EXPECT_FALSE(rdbService.IsValidPath("path/with\\mixed/slashes")); - EXPECT_FALSE(rdbService.IsValidPath("path\\with/mixed\\slashes")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path/with/forward/slash")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("/starting/slash")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("ending/slash/")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path\\with\\backslash")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("\\starting\\backslash")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("ending\\backslash\\")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("..")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path/with\\mixed/slashes")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path\\with/mixed\\slashes")); } } // namespace DistributedDataTest } // namespace OHOS::Test -- Gitee From 4fda5957843997ed50c91f4c8b91262040def475 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Mon, 14 Jul 2025 17:40:28 +0800 Subject: [PATCH 05/21] code fix Signed-off-by: z30053452 --- .../service/kvdb/kvdb_service_impl.cpp | 35 ++++-- .../service/test/kvdb_service_impl_test.cpp | 117 ++++++++---------- 2 files changed, 82 insertions(+), 70 deletions(-) diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp index 777c1d633..ac607c27e 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp @@ -293,9 +293,11 @@ Status KVDBServiceImpl::NotifyDataChange(const AppId &appId, const StoreId &stor Status KVDBServiceImpl::PutSwitch(const AppId &appId, const SwitchData &data) { - if (data.value == DeviceMatrix::INVALID_VALUE || data.length == DeviceMatrix::INVALID_LENGTH) { + if (data.value == DeviceMatrix::INVALID_VALUE || data.length == DeviceMatrix::INVALID_LENGTH || + !IsValidPath(appId)) { return Status::INVALID_ARGUMENT; } + auto deviceId = DMAdapter::GetInstance().GetLocalDevice().uuid; SwitchesMetaData oldMeta; oldMeta.deviceId = deviceId; @@ -489,6 +491,11 @@ Status KVDBServiceImpl::GetSyncParam(const AppId &appId, const StoreId &storeId, Status KVDBServiceImpl::EnableCapability(const AppId &appId, const StoreId &storeId, int32_t subUser) { + if (!IsValidPath(storeId) || !IsValidPath(appId)) { + ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), + Anonymous::Change(storeId.storeId).c_str()); + return INVALID_ARGUMENT; + } StrategyMeta strategyMeta = GetStrategyMeta(appId, storeId, subUser); if (strategyMeta.instanceId < 0) { return ILLEGAL_STATE; @@ -501,6 +508,11 @@ Status KVDBServiceImpl::EnableCapability(const AppId &appId, const StoreId &stor Status KVDBServiceImpl::DisableCapability(const AppId &appId, const StoreId &storeId, int32_t subUser) { + if (!IsValidPath(storeId) || !IsValidPath(appId)) { + ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), + Anonymous::Change(storeId.storeId).c_str()); + return INVALID_ARGUMENT; + } StrategyMeta strategyMeta = GetStrategyMeta(appId, storeId, subUser); if (strategyMeta.instanceId < 0) { return ILLEGAL_STATE; @@ -514,6 +526,11 @@ Status KVDBServiceImpl::DisableCapability(const AppId &appId, const StoreId &sto Status KVDBServiceImpl::SetCapability(const AppId &appId, const StoreId &storeId, int32_t subUser, const std::vector &local, const std::vector &remote) { + if (!IsValidPath(storeId) || !IsValidPath(appId)) { + ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), + Anonymous::Change(storeId.storeId).c_str()); + return INVALID_ARGUMENT; + } StrategyMeta strategy = GetStrategyMeta(appId, storeId, subUser); if (strategy.instanceId < 0) { return ILLEGAL_STATE; @@ -664,6 +681,11 @@ Status KVDBServiceImpl::GetBackupPassword(const AppId &appId, const StoreId &sto Status KVDBServiceImpl::SetConfig(const AppId &appId, const StoreId &storeId, const StoreConfig &storeConfig) { + if (!IsValidPath(storeId) || !IsValidPath(appId)) { + ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), + Anonymous::Change(storeId.storeId).c_str()); + return INVALID_ARGUMENT; + } StoreMetaData meta = GetStoreMetaData(appId, storeId); StoreMetaMapping storeMetaMapping(meta); MetaDataManager::GetInstance().LoadMeta(storeMetaMapping.GetKey(), storeMetaMapping, true); @@ -702,11 +724,6 @@ Status KVDBServiceImpl::BeforeCreate(const AppId &appId, const StoreId &storeId, { ZLOGD("appId:%{public}s storeId:%{public}s to export data", appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str()); - if (!IsValidPath(storeId) || !IsValidPath(appId)) { - ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), - Anonymous::Change(storeId.storeId).c_str()); - return INVALID_ARGUMENT; - } StoreMetaData meta = GetStoreMetaData(appId, storeId, options.subUser); AddOptions(options, meta); @@ -786,7 +803,11 @@ Status KVDBServiceImpl::AfterCreate( options.kvStoreType, appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str(), options.dataType); return INVALID_ARGUMENT; } - + if (!IsValidPath(storeId) || !IsValidPath(appId)) { + ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), + Anonymous::Change(storeId.storeId).c_str()); + return INVALID_ARGUMENT; + } StoreMetaData metaData = GetStoreMetaData(appId, storeId, options.subUser); AddOptions(options, metaData); diff --git a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp index 71f8df25c..bd95eef65 100644 --- a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp @@ -619,7 +619,13 @@ HWTEST_F(KvdbServiceImplTest, EnableCapabilityTest001, TestSize.Level0) EXPECT_CALL(*accTokenMock, GetTokenTypeFlag(testing::_)) .WillOnce(testing::Return(ATokenTypeEnum::TOKEN_NATIVE)) .WillRepeatedly(testing::Return(ATokenTypeEnum::TOKEN_NATIVE)); - auto status = kvdbServiceImpl_->EnableCapability(appId, storeId, 0); + AppId appId1; + appId1.appId = "../kvdb_test_storeid"; + StoreId storeId1; + storeId1.storeId = "ohos.test.kvdb"; + auto status = kvdbServiceImpl_->EnableCapability(appId1, storeId1, 0); + ASSERT_EQ(status, Status::INVALID_ARGUMENT); + status = kvdbServiceImpl_->EnableCapability(appId, storeId, 0); ASSERT_EQ(status, Status::SUCCESS); EXPECT_CALL(*accTokenMock, GetTokenTypeFlag(testing::_)) .WillOnce(testing::Return(ATokenTypeEnum::TOKEN_HAP)) @@ -845,7 +851,13 @@ HWTEST_F(KvdbServiceImplTest, DisableCapabilityTest001, TestSize.Level0) EXPECT_CALL(*accTokenMock, GetTokenTypeFlag(testing::_)) .WillOnce(testing::Return(ATokenTypeEnum::TOKEN_NATIVE)) .WillRepeatedly(testing::Return(ATokenTypeEnum::TOKEN_NATIVE)); - auto status = kvdbServiceImpl_->DisableCapability(appId, storeId, 0); + AppId appId1; + appId1.appId = "../kvdb_test_storeid"; + StoreId storeId1; + storeId1.storeId = "ohos.test.kvdb"; + auto status = kvdbServiceImpl_->DisableCapability(appId1, storeId1, 0); + ASSERT_EQ(status, Status::INVALID_ARGUMENT); + status = kvdbServiceImpl_->DisableCapability(appId, storeId, 0); ZLOGI("DisableCapabilityTest001 status = :%{public}d", status); ASSERT_EQ(status, Status::SUCCESS); EXPECT_CALL(*accTokenMock, GetTokenTypeFlag(testing::_)) @@ -875,6 +887,12 @@ HWTEST_F(KvdbServiceImplTest, SetCapabilityTest001, TestSize.Level0) auto status = kvdbServiceImpl_->SetCapability(appId, storeId, 0, local, remote); ZLOGI("SetCapabilityTest001 status = :%{public}d", status); ASSERT_EQ(status, Status::SUCCESS); + AppId appId1; + appId1.appId = "../kvdb_test_storeid"; + StoreId storeId1; + storeId1.storeId = "ohos.test.kvdb"; + status = kvdbServiceImpl_->SetCapability(appId1, storeId1, 0, local, remote); + ASSERT_EQ(status, Status::INVALID_ARGUMENT); EXPECT_CALL(*accTokenMock, GetTokenTypeFlag(testing::_)) .WillOnce(testing::Return(ATokenTypeEnum::TOKEN_HAP)) .WillRepeatedly(testing::Return(ATokenTypeEnum::TOKEN_HAP)); @@ -996,76 +1014,42 @@ HWTEST_F(KvdbServiceImplTest, BeforeCreateTest001, TestSize.Level0) } /** -* @tc.name: BeforeCreateTest002 -* @tc.desc: BeforeCreate test -* @tc.type: FUNC -*/ -HWTEST_F(KvdbServiceImplTest, BeforeCreateTest002, TestSize.Level0) -{ - OHOS::DistributedKv::StoreId storeId1 = { "\\kvdb_test_storeid" }; - OHOS::DistributedKv::AppId appId1 = { "/ohos.test.kvdb" }; - Status status1 = manager.GetSingleKvStore(create, appId1, storeId1, kvStore); - ASSERT_NE(kvStore, nullptr); - ASSERT_EQ(status1, Status::SUCCESS); - Options creates; - creates.createIfMissing = true; - creates.encrypt = false; - creates.securityLevel = OHOS::DistributedKv::S1; - creates.autoSync = true; - creates.kvStoreType = OHOS::DistributedKv::SINGLE_VERSION; - creates.area = OHOS::DistributedKv::EL1; - creates.baseDir = std::string("/data/service/el1/public/database/") + appId1.appId; - creates.cloudConfig.enableCloud = true; - kvdbServiceImpl_->executors_ = std::make_shared(1, 1); - EXPECT_CALL(*metaDataManagerMock, LoadMeta(testing::_, testing::_, testing::_)) - .WillOnce(testing::Return(false)) - .WillRepeatedly(testing::Return(false)); - auto status = kvdbServiceImpl_->BeforeCreate(appId1, storeId1, creates); - ASSERT_NE(status, Status::STORE_META_CHANGED); - kvdbServiceImpl_->executors_ = nullptr; - ASSERT_EQ(status, Status::SUCCESS); -} - -/** -* @tc.name: BeforeCreateTest003 -* @tc.desc: BeforeCreate test +* @tc.name: AfterCreateTest001 +* @tc.desc: AfterCreate test * @tc.type: FUNC +* @tc.author: wangbin */ -HWTEST_F(KvdbServiceImplTest, BeforeCreateTest003, TestSize.Level0) +HWTEST_F(KvdbServiceImplTest, AfterCreateTest001, TestSize.Level0) { - OHOS::DistributedKv::StoreId storeId1 = { "../kvdb_test_storeid" }; - OHOS::DistributedKv::AppId appId1 = { "ohos.test.kvdb" }; - Status status1 = manager.GetSingleKvStore(create, appId1, storeId1, kvStore); + ZLOGI("AfterCreateTest001 start"); + Status status1 = manager.GetSingleKvStore(create, appId, storeId, kvStore); ASSERT_NE(kvStore, nullptr); ASSERT_EQ(status1, Status::SUCCESS); - Options creates; - creates.createIfMissing = true; - creates.encrypt = false; - creates.securityLevel = OHOS::DistributedKv::S1; - creates.autoSync = true; - creates.kvStoreType = OHOS::DistributedKv::SINGLE_VERSION; - creates.area = OHOS::DistributedKv::EL1; - creates.baseDir = std::string("/data/service/el1/public/database/") + appId1.appId; - creates.cloudConfig.enableCloud = true; - kvdbServiceImpl_->executors_ = std::make_shared(1, 1); - EXPECT_CALL(*metaDataManagerMock, LoadMeta(testing::_, testing::_, testing::_)) - .WillOnce(testing::Return(false)) - .WillRepeatedly(testing::Return(false)); - auto status = kvdbServiceImpl_->BeforeCreate(appId1, storeId1, creates); - ASSERT_NE(status, Status::STORE_META_CHANGED); - kvdbServiceImpl_->executors_ = nullptr; + std::vector password; + auto status = kvdbServiceImpl_->AfterCreate(appId, storeId, create, password); + ZLOGI("AfterCreateTest001 status = :%{public}d", status); ASSERT_EQ(status, Status::SUCCESS); + AppId appIds; + appIds.appId = ""; + status = kvdbServiceImpl_->AfterCreate(appIds, storeId, create, password); + ASSERT_EQ(status, Status::INVALID_ARGUMENT); + StoreId storeIds; + storeIds.storeId = ""; + status = kvdbServiceImpl_->AfterCreate(appId, storeIds, create, password); + ASSERT_EQ(status, Status::INVALID_ARGUMENT); + status = kvdbServiceImpl_->AfterCreate(appIds, storeIds, create, password); + ASSERT_EQ(status, Status::INVALID_ARGUMENT); } /** -* @tc.name: AfterCreateTest001 +* @tc.name: AfterCreateTest002 * @tc.desc: AfterCreate test * @tc.type: FUNC * @tc.author: wangbin */ -HWTEST_F(KvdbServiceImplTest, AfterCreateTest001, TestSize.Level0) +HWTEST_F(KvdbServiceImplTest, AfterCreateTest002, TestSize.Level0) { - ZLOGI("AfterCreateTest001 start"); + ZLOGI("AfterCreateTest002 start"); Status status1 = manager.GetSingleKvStore(create, appId, storeId, kvStore); ASSERT_NE(kvStore, nullptr); ASSERT_EQ(status1, Status::SUCCESS); @@ -1074,15 +1058,15 @@ HWTEST_F(KvdbServiceImplTest, AfterCreateTest001, TestSize.Level0) ZLOGI("AfterCreateTest001 status = :%{public}d", status); ASSERT_EQ(status, Status::SUCCESS); AppId appIds; - appIds.appId = ""; + appIds.appId = "../kvdb_test_storeid"; + StoreId storeIds; + storeIds.storeId = "ohos.test.kvdb"; status = kvdbServiceImpl_->AfterCreate(appIds, storeId, create, password); ASSERT_EQ(status, Status::INVALID_ARGUMENT); - StoreId storeIds; - storeIds.storeId = ""; + appIds.appId = "kvdb_test_storeid"; + storeIds.storeId = "\\ohos.test.kvdb"; status = kvdbServiceImpl_->AfterCreate(appId, storeIds, create, password); ASSERT_EQ(status, Status::INVALID_ARGUMENT); - status = kvdbServiceImpl_->AfterCreate(appIds, storeIds, create, password); - ASSERT_EQ(status, Status::INVALID_ARGUMENT); } /** @@ -1245,6 +1229,13 @@ HWTEST_F(KvdbServiceImplTest, PutSwitch, TestSize.Level0) switchData.length = DeviceMatrix::INVALID_LEVEL; status = kvdbServiceImpl_->PutSwitch(appId, switchData); EXPECT_EQ(status, Status::SUCCESS); + switchData.value = DeviceMatrix::INVALID_VALUE; + switchData.length = DeviceMatrix::INVALID_LENGTH; + status = kvdbServiceImpl_->PutSwitch(appId, switchData); + EXPECT_EQ(status, Status::INVALID_ARGUMENT); + Appid appId1 = "\\ohos.test.kvdb"; + status = kvdbServiceImpl_->PutSwitch(appId1, switchData); + EXPECT_EQ(status, Status::INVALID_ARGUMENT); std::string networkId = "networkId"; status = kvdbServiceImpl_->GetSwitch(appId, networkId, switchData); EXPECT_EQ(status, Status::INVALID_ARGUMENT); -- Gitee From 4a047d6b5b89438a5dec348b80b74be6ea284ac5 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Mon, 14 Jul 2025 19:14:38 +0800 Subject: [PATCH 06/21] code fix Signed-off-by: z30053452 --- .../distributeddataservice/service/kvdb/kvdb_service_impl.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp index ac607c27e..9ee21ed6e 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp @@ -1611,7 +1611,7 @@ std::string KVDBServiceImpl::GenerateKey(const std::string &userId, const std::s return key.append(userId).append(KEY_SEPARATOR).append(storeId); } -bool RdbServiceImpl::IsValidPath(const std::string ¶m) +bool KVDBServiceImpl::IsValidPath(const std::string ¶m) { if ((param.find("/") != std::string::npos) || (param.find("\\") != std::string::npos) || (param == "..")) { return false; -- Gitee From 224a81388c24e7199bb2ad3b723040dad098abdd Mon Sep 17 00:00:00 2001 From: z30053452 Date: Mon, 14 Jul 2025 20:07:52 +0800 Subject: [PATCH 07/21] code fix Signed-off-by: z30053452 --- .../service/test/kvdb_service_impl_test.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp index bd95eef65..9b199ce8a 100644 --- a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp @@ -1233,7 +1233,8 @@ HWTEST_F(KvdbServiceImplTest, PutSwitch, TestSize.Level0) switchData.length = DeviceMatrix::INVALID_LENGTH; status = kvdbServiceImpl_->PutSwitch(appId, switchData); EXPECT_EQ(status, Status::INVALID_ARGUMENT); - Appid appId1 = "\\ohos.test.kvdb"; + AppId appId1; + appId1.appId = "\\ohos.test.kvdb"; status = kvdbServiceImpl_->PutSwitch(appId1, switchData); EXPECT_EQ(status, Status::INVALID_ARGUMENT); std::string networkId = "networkId"; -- Gitee From 9aa07a6eeb604afee49254ca12137629c42a7c9f Mon Sep 17 00:00:00 2001 From: z30053452 Date: Tue, 15 Jul 2025 15:09:22 +0800 Subject: [PATCH 08/21] code fix Signed-off-by: z30053452 --- .../distributeddataservice/framework/BUILD.gn | 1 + .../include/utils/verification_utils.h | 27 ++++++++ .../framework/test/BUILD.gn | 10 +++ .../test/verification_utils_test.cpp | 61 +++++++++++++++++++ .../framework/utils/verification_utils.cpp | 28 +++++++++ .../service/kvdb/kvdb_service_impl.cpp | 18 ++---- .../service/kvdb/kvdb_service_impl.h | 1 - .../service/test/kvdb_service_impl_test.cpp | 30 --------- 8 files changed, 133 insertions(+), 43 deletions(-) create mode 100644 services/distributeddataservice/framework/include/utils/verification_utils.h create mode 100644 services/distributeddataservice/framework/test/verification_utils_test.cpp create mode 100644 services/distributeddataservice/framework/utils/verification_utils.cpp diff --git a/services/distributeddataservice/framework/BUILD.gn b/services/distributeddataservice/framework/BUILD.gn index c02ccc84c..e812213c2 100644 --- a/services/distributeddataservice/framework/BUILD.gn +++ b/services/distributeddataservice/framework/BUILD.gn @@ -113,6 +113,7 @@ ohos_shared_library("distributeddatasvcfwk") { "utils/crypto.cpp", "utils/ref_count.cpp", "utils/time_utils.cpp", + "utils/verification_utils.cpp", ] cflags = [ diff --git a/services/distributeddataservice/framework/include/utils/verification_utils.h b/services/distributeddataservice/framework/include/utils/verification_utils.h new file mode 100644 index 000000000..5e1f58c8d --- /dev/null +++ b/services/distributeddataservice/framework/include/utils/verification_utils.h @@ -0,0 +1,27 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef OHOS_DISTRIBUTED_DATA_FRAMEWORKS_VERIFICATION_UTILS_H +#define OHOS_DISTRIBUTED_DATA_FRAMEWORKS_VERIFICATION_UTILS_H +#include "visibility.h" + +namespace OHOS { +namespace DistributedData { +class VerificationUtils { +public: + API_EXPORT static bool IfContainIllegalField(const std::string& param); +}; +} // namespace DistributedData +} // namespace OHOS +#endif \ No newline at end of file diff --git a/services/distributeddataservice/framework/test/BUILD.gn b/services/distributeddataservice/framework/test/BUILD.gn index 37a5bafdd..38f653178 100644 --- a/services/distributeddataservice/framework/test/BUILD.gn +++ b/services/distributeddataservice/framework/test/BUILD.gn @@ -407,6 +407,15 @@ ohos_unittest("DeviceSyncAppManagerTest") { deps = [ "${data_service_path}/framework:distributeddatasvcfwk" ] external_deps = [ "kv_store:datamgr_common" ] } + +ohos_unittest("VerificationUtilsTest") { + module_out_path = module_output_path + sources = [ "verification_utils_test.cpp" ] + configs = [ ":module_private_config" ] + deps = [ "${data_service_path}/framework:distributeddatasvcfwk" ] + external_deps = [ "kv_store:datamgr_common" ] +} + ############################################################################### group("unittest") { testonly = true @@ -436,6 +445,7 @@ group("unittest") { ":StoreMetaDataLocalTest", ":StoreTest", ":SubscriptionTest", + ":VerificationUtilsTest" ] } ############################################################################### diff --git a/services/distributeddataservice/framework/test/verification_utils_test.cpp b/services/distributeddataservice/framework/test/verification_utils_test.cpp new file mode 100644 index 000000000..e5dc8484b --- /dev/null +++ b/services/distributeddataservice/framework/test/verification_utils_test.cpp @@ -0,0 +1,61 @@ +/* + +Copyright (c) 2023 Huawei Device Co., Ltd. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at +http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +#include "utils/verification_utils.h" + +#include + +using namespace testing::ext; +using namespace OHOS::DistributedData; +namespace OHOS::Test { + class VerificationUtilsTest : public testing::Test { + public: + const std::map testRelation = { { "testUserId", "testBundleName" } }; + const std::map testExpiresTime = { { "1h", 3600 } }; + static void SetUpTestCase(void) {}; + static void TearDownTestCase(void) {}; + void SetUp() {}; + void TearDown() {}; + }; + +/** + +@tc.name: IfContainIllegalField001 +@tc.desc: IfContainIllegalField function test. +@tc.type: FUNC +*/ + HWTEST_F(VerificationUtilsTest, IfContainIllegalField001, TestSize.Level0) +{ + EXPECT_TRUE(VerificationUtils::IfContainIllegalField("validpath")); + EXPECT_TRUE(VerificationUtils::IfContainIllegalField("another_valid_path")); + EXPECT_TRUE(VerificationUtils::IfContainIllegalField("file123")); +} +/** + +@tc.name: IfContainIllegalField002 +@tc.desc: IfContainIllegalField function test. +@tc.type: FUNC +*/ +HWTEST_F(VerificationUtilsTest, IfContainIllegalField002, TestSize.Level0) +{ + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path/with/forward/slash")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("/starting/slash")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("ending/slash/")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path\with\backslash")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("\starting\backslash")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("ending\backslash\")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("..")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path/with\mixed/slashes")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path\with/mixed\slashes")); +} +} // namespace OHOS::Test \ No newline at end of file diff --git a/services/distributeddataservice/framework/utils/verification_utils.cpp b/services/distributeddataservice/framework/utils/verification_utils.cpp new file mode 100644 index 000000000..fb5684853 --- /dev/null +++ b/services/distributeddataservice/framework/utils/verification_utils.cpp @@ -0,0 +1,28 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#define LOG_TAG "VerificationUtils" +#include "utils/verification_utils.h" + +namespace OHOS { +namespace DistributedData { +bool VerificationUtils::IfContainIllegalField(const std::string ¶m) +{ + if ((param.find("/") != std::string::npos) || (param.find("\\") != std::string::npos) || (param == "..")) { + return false; + } + return true; +} +} // namespace DistributedData +} // namespace OHOS \ No newline at end of file diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp index 9ee21ed6e..1b6348e61 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp @@ -50,6 +50,7 @@ #include "utils/converter.h" #include "app_id_mapping/app_id_mapping_config_manager.h" #include "network/network_delegate.h" +#include "utils/verification_utils.h" namespace OHOS::DistributedKv { using namespace OHOS::DistributedData; @@ -294,7 +295,7 @@ Status KVDBServiceImpl::NotifyDataChange(const AppId &appId, const StoreId &stor Status KVDBServiceImpl::PutSwitch(const AppId &appId, const SwitchData &data) { if (data.value == DeviceMatrix::INVALID_VALUE || data.length == DeviceMatrix::INVALID_LENGTH || - !IsValidPath(appId)) { + !VerificationUtils::IfContainIllegalField(appId)) { return Status::INVALID_ARGUMENT; } @@ -491,7 +492,7 @@ Status KVDBServiceImpl::GetSyncParam(const AppId &appId, const StoreId &storeId, Status KVDBServiceImpl::EnableCapability(const AppId &appId, const StoreId &storeId, int32_t subUser) { - if (!IsValidPath(storeId) || !IsValidPath(appId)) { + if (!VerificationUtils::IfContainIllegalField(storeId) || !VerificationUtils::IfContainIllegalField(appId)) { ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str()); return INVALID_ARGUMENT; @@ -508,7 +509,7 @@ Status KVDBServiceImpl::EnableCapability(const AppId &appId, const StoreId &stor Status KVDBServiceImpl::DisableCapability(const AppId &appId, const StoreId &storeId, int32_t subUser) { - if (!IsValidPath(storeId) || !IsValidPath(appId)) { + if (!VerificationUtils::IfContainIllegalField(storeId) || !VerificationUtils::IfContainIllegalField(appId)) { ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str()); return INVALID_ARGUMENT; @@ -803,7 +804,8 @@ Status KVDBServiceImpl::AfterCreate( options.kvStoreType, appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str(), options.dataType); return INVALID_ARGUMENT; } - if (!IsValidPath(storeId) || !IsValidPath(appId)) { + if (!VerificationUtils::IfContainIllegalField(storeId) || !VerificationUtils::IfContainIllegalField(appId) || + !VerificationUtils::IfContainIllegalField(options.hapName)) { ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str()); return INVALID_ARGUMENT; @@ -1610,12 +1612,4 @@ std::string KVDBServiceImpl::GenerateKey(const std::string &userId, const std::s } return key.append(userId).append(KEY_SEPARATOR).append(storeId); } - -bool KVDBServiceImpl::IsValidPath(const std::string ¶m) -{ - if ((param.find("/") != std::string::npos) || (param.find("\\") != std::string::npos) || (param == "..")) { - return false; - } - return true; -} } // namespace OHOS::DistributedKv \ No newline at end of file diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_impl.h b/services/distributeddataservice/service/kvdb/kvdb_service_impl.h index 6ebf7f85d..dd185700d 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_impl.h +++ b/services/distributeddataservice/service/kvdb/kvdb_service_impl.h @@ -166,7 +166,6 @@ private: std::string GenerateKey(const std::string &userId, const std::string &storeId) const; std::vector LoadSecretKey(const StoreMetaData &metaData, CryptoManager::SecretKeyType secretKeyType); void SaveSecretKeyMeta(const StoreMetaData &metaData, const std::vector &password); - static bool IsValidPath(const std::string& param); static Factory factory_; ConcurrentMap syncAgents_; std::shared_ptr executors_; diff --git a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp index 9b199ce8a..de2613d54 100644 --- a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp @@ -1609,35 +1609,5 @@ HWTEST_F(KvdbServiceImplTest, SubscribeSwitchData, TestSize.Level0) status = kvdbServiceImpl_->UnregServiceNotifier(appId); ASSERT_EQ(status, Status::SUCCESS); } - -/** -* @tc.name: IsValidPath001 -* @tc.desc: IsValidPath function test. -* @tc.type: FUNC -*/ -HWTEST_F(KvdbServiceImplTest, IsValidPath001, TestSize.Level0) -{ - EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("validpath")); - EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("another_valid_path")); - EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("file123")); -} - -/** -* @tc.name: IsValidPath002 -* @tc.desc: IsValidPath function test. -* @tc.type: FUNC -*/ -HWTEST_F(KvdbServiceImplTest, IsValidPath002, TestSize.Level0) -{ - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path/with/forward/slash")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("/starting/slash")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("ending/slash/")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path\\with\\backslash")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("\\starting\\backslash")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("ending\\backslash\\")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("..")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path/with\\mixed/slashes")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path\\with/mixed\\slashes")); -} } // namespace DistributedDataTest } // namespace OHOS::Test -- Gitee From e955d14aced415ffbd911f399063892143de7f87 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Tue, 15 Jul 2025 15:49:25 +0800 Subject: [PATCH 09/21] code fix Signed-off-by: z30053452 --- .../framework/include/utils/verification_utils.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/distributeddataservice/framework/include/utils/verification_utils.h b/services/distributeddataservice/framework/include/utils/verification_utils.h index 5e1f58c8d..27ec1d6e4 100644 --- a/services/distributeddataservice/framework/include/utils/verification_utils.h +++ b/services/distributeddataservice/framework/include/utils/verification_utils.h @@ -15,7 +15,7 @@ #ifndef OHOS_DISTRIBUTED_DATA_FRAMEWORKS_VERIFICATION_UTILS_H #define OHOS_DISTRIBUTED_DATA_FRAMEWORKS_VERIFICATION_UTILS_H #include "visibility.h" - +#include namespace OHOS { namespace DistributedData { class VerificationUtils { -- Gitee From 874381a74fde65a4994a766d40e15eef545b62d8 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Tue, 15 Jul 2025 16:18:02 +0800 Subject: [PATCH 10/21] code fix Signed-off-by: z30053452 --- .../distributeddataservice/service/kvdb/kvdb_service_impl.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp index 1b6348e61..515ba1642 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp @@ -527,7 +527,7 @@ Status KVDBServiceImpl::DisableCapability(const AppId &appId, const StoreId &sto Status KVDBServiceImpl::SetCapability(const AppId &appId, const StoreId &storeId, int32_t subUser, const std::vector &local, const std::vector &remote) { - if (!IsValidPath(storeId) || !IsValidPath(appId)) { + if (!VerificationUtils::IfContainIllegalField(storeId) || !VerificationUtils::IfContainIllegalField(appId)) { ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str()); return INVALID_ARGUMENT; @@ -682,7 +682,7 @@ Status KVDBServiceImpl::GetBackupPassword(const AppId &appId, const StoreId &sto Status KVDBServiceImpl::SetConfig(const AppId &appId, const StoreId &storeId, const StoreConfig &storeConfig) { - if (!IsValidPath(storeId) || !IsValidPath(appId)) { + if (!VerificationUtils::IfContainIllegalField(storeId) || !VerificationUtils::IfContainIllegalField(appId)) { ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str()); return INVALID_ARGUMENT; -- Gitee From 78d8b5e812355d8bd4a80eb7c3a851532cc6399f Mon Sep 17 00:00:00 2001 From: z30053452 Date: Tue, 15 Jul 2025 16:54:17 +0800 Subject: [PATCH 11/21] code fix Signed-off-by: z30053452 --- .../framework/test/verification_utils_test.cpp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/services/distributeddataservice/framework/test/verification_utils_test.cpp b/services/distributeddataservice/framework/test/verification_utils_test.cpp index e5dc8484b..f39bd0221 100644 --- a/services/distributeddataservice/framework/test/verification_utils_test.cpp +++ b/services/distributeddataservice/framework/test/verification_utils_test.cpp @@ -51,11 +51,11 @@ HWTEST_F(VerificationUtilsTest, IfContainIllegalField002, TestSize.Level0) EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path/with/forward/slash")); EXPECT_FALSE(VerificationUtils::IfContainIllegalField("/starting/slash")); EXPECT_FALSE(VerificationUtils::IfContainIllegalField("ending/slash/")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path\with\backslash")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("\starting\backslash")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("ending\backslash\")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path\\with\\backslash")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("\\starting\\ending")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("ending\\")); EXPECT_FALSE(VerificationUtils::IfContainIllegalField("..")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path/with\mixed/slashes")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path\with/mixed\slashes")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path/with\\mixed/slashes")); + EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path\\with/mixed\\slashes")); } } // namespace OHOS::Test \ No newline at end of file -- Gitee From afff4cd92418230aa69c677fd6527c8f7433f4f0 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Wed, 16 Jul 2025 15:47:22 +0800 Subject: [PATCH 12/21] code fix Signed-off-by: z30053452 --- .../include/utils/verification_utils.h | 3 +- .../test/verification_utils_test.cpp | 36 ++++---- .../framework/utils/verification_utils.cpp | 3 +- .../service/kvdb/kvdb_service_impl.cpp | 29 +------ .../service/kvdb/kvdb_service_stub.cpp | 8 ++ .../service/test/kvdb_service_impl_test.cpp | 83 ++++++++----------- .../test/kvdb_service_stub_unittest.cpp | 41 ++++++++- 7 files changed, 100 insertions(+), 103 deletions(-) diff --git a/services/distributeddataservice/framework/include/utils/verification_utils.h b/services/distributeddataservice/framework/include/utils/verification_utils.h index 27ec1d6e4..cee20d0a7 100644 --- a/services/distributeddataservice/framework/include/utils/verification_utils.h +++ b/services/distributeddataservice/framework/include/utils/verification_utils.h @@ -14,13 +14,12 @@ */ #ifndef OHOS_DISTRIBUTED_DATA_FRAMEWORKS_VERIFICATION_UTILS_H #define OHOS_DISTRIBUTED_DATA_FRAMEWORKS_VERIFICATION_UTILS_H -#include "visibility.h" #include namespace OHOS { namespace DistributedData { class VerificationUtils { public: - API_EXPORT static bool IfContainIllegalField(const std::string& param); + static bool IsValidField(const std::string ¶m); }; } // namespace DistributedData } // namespace OHOS diff --git a/services/distributeddataservice/framework/test/verification_utils_test.cpp b/services/distributeddataservice/framework/test/verification_utils_test.cpp index f39bd0221..a2b013626 100644 --- a/services/distributeddataservice/framework/test/verification_utils_test.cpp +++ b/services/distributeddataservice/framework/test/verification_utils_test.cpp @@ -30,32 +30,32 @@ namespace OHOS::Test { /** -@tc.name: IfContainIllegalField001 -@tc.desc: IfContainIllegalField function test. +@tc.name: IsValidField001 +@tc.desc: IsValidField function test. @tc.type: FUNC */ - HWTEST_F(VerificationUtilsTest, IfContainIllegalField001, TestSize.Level0) + HWTEST_F(VerificationUtilsTest, IsValidField001, TestSize.Level0) { - EXPECT_TRUE(VerificationUtils::IfContainIllegalField("validpath")); - EXPECT_TRUE(VerificationUtils::IfContainIllegalField("another_valid_path")); - EXPECT_TRUE(VerificationUtils::IfContainIllegalField("file123")); + EXPECT_TRUE(VerificationUtils::IsValidField("validpath")); + EXPECT_TRUE(VerificationUtils::IsValidField("another_valid_path")); + EXPECT_TRUE(VerificationUtils::IsValidField("file123")); } /** -@tc.name: IfContainIllegalField002 -@tc.desc: IfContainIllegalField function test. +@tc.name: IsValidField002 +@tc.desc: IsValidField function test. @tc.type: FUNC */ -HWTEST_F(VerificationUtilsTest, IfContainIllegalField002, TestSize.Level0) +HWTEST_F(VerificationUtilsTest, IsValidField002, TestSize.Level0) { - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path/with/forward/slash")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("/starting/slash")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("ending/slash/")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path\\with\\backslash")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("\\starting\\ending")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("ending\\")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("..")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path/with\\mixed/slashes")); - EXPECT_FALSE(VerificationUtils::IfContainIllegalField("path\\with/mixed\\slashes")); + EXPECT_FALSE(VerificationUtils::IsValidField("path/with/forward/slash")); + EXPECT_FALSE(VerificationUtils::IsValidField("/starting/slash")); + EXPECT_FALSE(VerificationUtils::IsValidField("ending/slash/")); + EXPECT_FALSE(VerificationUtils::IsValidField("path\\with\\backslash")); + EXPECT_FALSE(VerificationUtils::IfContainIsValidFieldIllegalField("\\starting\\ending")); + EXPECT_FALSE(VerificationUtils::IsValidField("ending\\")); + EXPECT_FALSE(VerificationUtils::IsValidField("..")); + EXPECT_FALSE(VerificationUtils::IsValidField("path/with\\mixed/slashes")); + EXPECT_FALSE(VerificationUtils::IsValidField("path\\with/mixed\\slashes")); } } // namespace OHOS::Test \ No newline at end of file diff --git a/services/distributeddataservice/framework/utils/verification_utils.cpp b/services/distributeddataservice/framework/utils/verification_utils.cpp index fb5684853..66dcbe4df 100644 --- a/services/distributeddataservice/framework/utils/verification_utils.cpp +++ b/services/distributeddataservice/framework/utils/verification_utils.cpp @@ -17,9 +17,10 @@ namespace OHOS { namespace DistributedData { -bool VerificationUtils::IfContainIllegalField(const std::string ¶m) +bool VerificationUtils::IsValidField(const std::string ¶m) { if ((param.find("/") != std::string::npos) || (param.find("\\") != std::string::npos) || (param == "..")) { + ZLOGE("check failed, param is: %{public}s", param.c_str()); return false; } return true; diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp index 515ba1642..faf608207 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp @@ -294,8 +294,7 @@ Status KVDBServiceImpl::NotifyDataChange(const AppId &appId, const StoreId &stor Status KVDBServiceImpl::PutSwitch(const AppId &appId, const SwitchData &data) { - if (data.value == DeviceMatrix::INVALID_VALUE || data.length == DeviceMatrix::INVALID_LENGTH || - !VerificationUtils::IfContainIllegalField(appId)) { + if (data.value == DeviceMatrix::INVALID_VALUE || data.length == DeviceMatrix::INVALID_LENGTH) { return Status::INVALID_ARGUMENT; } @@ -492,11 +491,6 @@ Status KVDBServiceImpl::GetSyncParam(const AppId &appId, const StoreId &storeId, Status KVDBServiceImpl::EnableCapability(const AppId &appId, const StoreId &storeId, int32_t subUser) { - if (!VerificationUtils::IfContainIllegalField(storeId) || !VerificationUtils::IfContainIllegalField(appId)) { - ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), - Anonymous::Change(storeId.storeId).c_str()); - return INVALID_ARGUMENT; - } StrategyMeta strategyMeta = GetStrategyMeta(appId, storeId, subUser); if (strategyMeta.instanceId < 0) { return ILLEGAL_STATE; @@ -509,11 +503,6 @@ Status KVDBServiceImpl::EnableCapability(const AppId &appId, const StoreId &stor Status KVDBServiceImpl::DisableCapability(const AppId &appId, const StoreId &storeId, int32_t subUser) { - if (!VerificationUtils::IfContainIllegalField(storeId) || !VerificationUtils::IfContainIllegalField(appId)) { - ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), - Anonymous::Change(storeId.storeId).c_str()); - return INVALID_ARGUMENT; - } StrategyMeta strategyMeta = GetStrategyMeta(appId, storeId, subUser); if (strategyMeta.instanceId < 0) { return ILLEGAL_STATE; @@ -527,11 +516,6 @@ Status KVDBServiceImpl::DisableCapability(const AppId &appId, const StoreId &sto Status KVDBServiceImpl::SetCapability(const AppId &appId, const StoreId &storeId, int32_t subUser, const std::vector &local, const std::vector &remote) { - if (!VerificationUtils::IfContainIllegalField(storeId) || !VerificationUtils::IfContainIllegalField(appId)) { - ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), - Anonymous::Change(storeId.storeId).c_str()); - return INVALID_ARGUMENT; - } StrategyMeta strategy = GetStrategyMeta(appId, storeId, subUser); if (strategy.instanceId < 0) { return ILLEGAL_STATE; @@ -682,11 +666,6 @@ Status KVDBServiceImpl::GetBackupPassword(const AppId &appId, const StoreId &sto Status KVDBServiceImpl::SetConfig(const AppId &appId, const StoreId &storeId, const StoreConfig &storeConfig) { - if (!VerificationUtils::IfContainIllegalField(storeId) || !VerificationUtils::IfContainIllegalField(appId)) { - ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), - Anonymous::Change(storeId.storeId).c_str()); - return INVALID_ARGUMENT; - } StoreMetaData meta = GetStoreMetaData(appId, storeId); StoreMetaMapping storeMetaMapping(meta); MetaDataManager::GetInstance().LoadMeta(storeMetaMapping.GetKey(), storeMetaMapping, true); @@ -804,12 +783,6 @@ Status KVDBServiceImpl::AfterCreate( options.kvStoreType, appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str(), options.dataType); return INVALID_ARGUMENT; } - if (!VerificationUtils::IfContainIllegalField(storeId) || !VerificationUtils::IfContainIllegalField(appId) || - !VerificationUtils::IfContainIllegalField(options.hapName)) { - ZLOGE("param is Invalid, appId:%{public}s storeId:%{public}s.", appId.appId.c_str(), - Anonymous::Change(storeId.storeId).c_str()); - return INVALID_ARGUMENT; - } StoreMetaData metaData = GetStoreMetaData(appId, storeId, options.subUser); AddOptions(options, metaData); diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp index 37de89063..d0fed0f4d 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp @@ -141,6 +141,10 @@ int32_t KVDBServiceStub::OnBeforeCreate( Anonymous::Change(storeId.storeId).c_str()); return IPC_STUB_INVALID_DATA_ERR; } + if (!VerificationUtils::IsValidField(appId.appId) || !VerificationUtils::IsValidField(storeId.storeId) || + !VerificationUtils::IsValidField(options.hapName)) { + return IPC_STUB_INVALID_DATA_ERR; + } int32_t status = BeforeCreate(appId, storeId, options); if (!ITypesUtil::Marshal(reply, status)) { ZLOGE("Marshal status:0x%{public}x appId:%{public}s storeId:%{public}s", status, appId.appId.c_str(), @@ -160,6 +164,10 @@ int32_t KVDBServiceStub::OnAfterCreate( Anonymous::Change(storeId.storeId).c_str()); return IPC_STUB_INVALID_DATA_ERR; } + if (!VerificationUtils::IsValidField(appId.appId) || !VerificationUtils::IsValidField(storeId.storeId) || + !VerificationUtils::IsValidField(options.hapName)) { + return IPC_STUB_INVALID_DATA_ERR; + } int32_t status = AfterCreate(appId, storeId, options, password); password.assign(password.size(), 0); if (!ITypesUtil::Marshal(reply, status)) { diff --git a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp index de2613d54..4a6d2b2cc 100644 --- a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp @@ -619,13 +619,7 @@ HWTEST_F(KvdbServiceImplTest, EnableCapabilityTest001, TestSize.Level0) EXPECT_CALL(*accTokenMock, GetTokenTypeFlag(testing::_)) .WillOnce(testing::Return(ATokenTypeEnum::TOKEN_NATIVE)) .WillRepeatedly(testing::Return(ATokenTypeEnum::TOKEN_NATIVE)); - AppId appId1; - appId1.appId = "../kvdb_test_storeid"; - StoreId storeId1; - storeId1.storeId = "ohos.test.kvdb"; - auto status = kvdbServiceImpl_->EnableCapability(appId1, storeId1, 0); - ASSERT_EQ(status, Status::INVALID_ARGUMENT); - status = kvdbServiceImpl_->EnableCapability(appId, storeId, 0); + auto status = kvdbServiceImpl_->EnableCapability(appId, storeId, 0); ASSERT_EQ(status, Status::SUCCESS); EXPECT_CALL(*accTokenMock, GetTokenTypeFlag(testing::_)) .WillOnce(testing::Return(ATokenTypeEnum::TOKEN_HAP)) @@ -851,13 +845,7 @@ HWTEST_F(KvdbServiceImplTest, DisableCapabilityTest001, TestSize.Level0) EXPECT_CALL(*accTokenMock, GetTokenTypeFlag(testing::_)) .WillOnce(testing::Return(ATokenTypeEnum::TOKEN_NATIVE)) .WillRepeatedly(testing::Return(ATokenTypeEnum::TOKEN_NATIVE)); - AppId appId1; - appId1.appId = "../kvdb_test_storeid"; - StoreId storeId1; - storeId1.storeId = "ohos.test.kvdb"; - auto status = kvdbServiceImpl_->DisableCapability(appId1, storeId1, 0); - ASSERT_EQ(status, Status::INVALID_ARGUMENT); - status = kvdbServiceImpl_->DisableCapability(appId, storeId, 0); + auto status = kvdbServiceImpl_->DisableCapability(appId, storeId, 0); ZLOGI("DisableCapabilityTest001 status = :%{public}d", status); ASSERT_EQ(status, Status::SUCCESS); EXPECT_CALL(*accTokenMock, GetTokenTypeFlag(testing::_)) @@ -887,12 +875,6 @@ HWTEST_F(KvdbServiceImplTest, SetCapabilityTest001, TestSize.Level0) auto status = kvdbServiceImpl_->SetCapability(appId, storeId, 0, local, remote); ZLOGI("SetCapabilityTest001 status = :%{public}d", status); ASSERT_EQ(status, Status::SUCCESS); - AppId appId1; - appId1.appId = "../kvdb_test_storeid"; - StoreId storeId1; - storeId1.storeId = "ohos.test.kvdb"; - status = kvdbServiceImpl_->SetCapability(appId1, storeId1, 0, local, remote); - ASSERT_EQ(status, Status::INVALID_ARGUMENT); EXPECT_CALL(*accTokenMock, GetTokenTypeFlag(testing::_)) .WillOnce(testing::Return(ATokenTypeEnum::TOKEN_HAP)) .WillRepeatedly(testing::Return(ATokenTypeEnum::TOKEN_HAP)); @@ -1041,34 +1023,6 @@ HWTEST_F(KvdbServiceImplTest, AfterCreateTest001, TestSize.Level0) ASSERT_EQ(status, Status::INVALID_ARGUMENT); } -/** -* @tc.name: AfterCreateTest002 -* @tc.desc: AfterCreate test -* @tc.type: FUNC -* @tc.author: wangbin -*/ -HWTEST_F(KvdbServiceImplTest, AfterCreateTest002, TestSize.Level0) -{ - ZLOGI("AfterCreateTest002 start"); - Status status1 = manager.GetSingleKvStore(create, appId, storeId, kvStore); - ASSERT_NE(kvStore, nullptr); - ASSERT_EQ(status1, Status::SUCCESS); - std::vector password; - auto status = kvdbServiceImpl_->AfterCreate(appId, storeId, create, password); - ZLOGI("AfterCreateTest001 status = :%{public}d", status); - ASSERT_EQ(status, Status::SUCCESS); - AppId appIds; - appIds.appId = "../kvdb_test_storeid"; - StoreId storeIds; - storeIds.storeId = "ohos.test.kvdb"; - status = kvdbServiceImpl_->AfterCreate(appIds, storeId, create, password); - ASSERT_EQ(status, Status::INVALID_ARGUMENT); - appIds.appId = "kvdb_test_storeid"; - storeIds.storeId = "\\ohos.test.kvdb"; - status = kvdbServiceImpl_->AfterCreate(appId, storeIds, create, password); - ASSERT_EQ(status, Status::INVALID_ARGUMENT); -} - /** * @tc.name: OnAppExitTest001 * @tc.desc: OnAppExit test @@ -1233,8 +1187,7 @@ HWTEST_F(KvdbServiceImplTest, PutSwitch, TestSize.Level0) switchData.length = DeviceMatrix::INVALID_LENGTH; status = kvdbServiceImpl_->PutSwitch(appId, switchData); EXPECT_EQ(status, Status::INVALID_ARGUMENT); - AppId appId1; - appId1.appId = "\\ohos.test.kvdb"; + Appid appId1 = "\\ohos.test.kvdb"; status = kvdbServiceImpl_->PutSwitch(appId1, switchData); EXPECT_EQ(status, Status::INVALID_ARGUMENT); std::string networkId = "networkId"; @@ -1609,5 +1562,35 @@ HWTEST_F(KvdbServiceImplTest, SubscribeSwitchData, TestSize.Level0) status = kvdbServiceImpl_->UnregServiceNotifier(appId); ASSERT_EQ(status, Status::SUCCESS); } + +/** +* @tc.name: IsValidPath001 +* @tc.desc: IsValidPath function test. +* @tc.type: FUNC +*/ +HWTEST_F(KvdbServiceImplTest, IsValidPath001, TestSize.Level0) +{ + EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("validpath")); + EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("another_valid_path")); + EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("file123")); +} + +/** +* @tc.name: IsValidPath002 +* @tc.desc: IsValidPath function test. +* @tc.type: FUNC +*/ +HWTEST_F(KvdbServiceImplTest, IsValidPath002, TestSize.Level0) +{ + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path/with/forward/slash")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("/starting/slash")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("ending/slash/")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path\\with\\backslash")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("\\starting\\backslash")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("ending\\backslash\\")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("..")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path/with\\mixed/slashes")); + EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path\\with/mixed\\slashes")); +} } // namespace DistributedDataTest } // namespace OHOS::Test diff --git a/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp b/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp index c9bf0cef9..6441f56d2 100644 --- a/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp @@ -149,12 +149,12 @@ HWTEST_F(KVDBServiceStubTest, CheckPermission001, TestSize.Level1) /** - * @tc.name: OnBeforeCreate + * @tc.name: OnBeforeCreate001 * @tc.desc: Test OnBeforeCreate * @tc.type: FUNC * @tc.require: */ -HWTEST_F(KVDBServiceStubTest, OnBeforeCreate, TestSize.Level1) +HWTEST_F(KVDBServiceStubTest, OnBeforeCreate001, TestSize.Level1) { MessageParcel data; MessageParcel reply; @@ -165,12 +165,28 @@ HWTEST_F(KVDBServiceStubTest, OnBeforeCreate, TestSize.Level1) } /** - * @tc.name: OnAfterCreate + * @tc.name: OnBeforeCreate002 + * @tc.desc: Test OnBeforeCreate + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(KVDBServiceStubTest, OnBeforeCreate002, TestSize.Level1) +{ + MessageParcel data; + MessageParcel reply; + AppId appId = {"test/App"}; + StoreId storeId = {"test\\StoreId"}; + auto status = kvdbServiceStub->OnBeforeCreate(appId, storeId, data, reply); + EXPECT_EQ(status, IPC_STUB_INVALID_DATA_ERR); +} + +/** + * @tc.name: OnAfterCreate001 * @tc.desc: Test OnAfterCreate * @tc.type: FUNC * @tc.require: */ -HWTEST_F(KVDBServiceStubTest, OnAfterCreate, TestSize.Level1) +HWTEST_F(KVDBServiceStubTest, OnAfterCreate001, TestSize.Level1) { MessageParcel data; data.WriteInterfaceToken(INTERFACE_TOKEN); @@ -181,6 +197,23 @@ HWTEST_F(KVDBServiceStubTest, OnAfterCreate, TestSize.Level1) EXPECT_EQ(status, IPC_STUB_INVALID_DATA_ERR); } +/** + * @tc.name: OnAfterCreate002 + * @tc.desc: Test OnAfterCreate + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(KVDBServiceStubTest, OnAfterCreate002, TestSize.Level1) +{ + MessageParcel data; + data.WriteInterfaceToken(INTERFACE_TOKEN); + MessageParcel reply; + AppId appId = {"..testApp"}; + StoreId storeId = {"..testStore"}; + auto status = kvdbServiceStub->OnAfterCreate(appId, storeId, data, reply); + EXPECT_EQ(status, IPC_STUB_INVALID_DATA_ERR); +} + /** * @tc.name: OnSync * @tc.desc: Test OnSync -- Gitee From eb55f6e8eccada7c879f1fb3f078a9636d296f95 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Wed, 16 Jul 2025 16:05:20 +0800 Subject: [PATCH 13/21] code fix Signed-off-by: z30053452 --- .../service/kvdb/kvdb_service_impl.cpp | 3 +-- .../service/kvdb/kvdb_service_stub.cpp | 1 + .../service/test/kvdb_service_impl_test.cpp | 7 ------- 3 files changed, 2 insertions(+), 9 deletions(-) diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp index faf608207..06373b517 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_impl.cpp @@ -50,7 +50,6 @@ #include "utils/converter.h" #include "app_id_mapping/app_id_mapping_config_manager.h" #include "network/network_delegate.h" -#include "utils/verification_utils.h" namespace OHOS::DistributedKv { using namespace OHOS::DistributedData; @@ -297,7 +296,6 @@ Status KVDBServiceImpl::PutSwitch(const AppId &appId, const SwitchData &data) if (data.value == DeviceMatrix::INVALID_VALUE || data.length == DeviceMatrix::INVALID_LENGTH) { return Status::INVALID_ARGUMENT; } - auto deviceId = DMAdapter::GetInstance().GetLocalDevice().uuid; SwitchesMetaData oldMeta; oldMeta.deviceId = deviceId; @@ -783,6 +781,7 @@ Status KVDBServiceImpl::AfterCreate( options.kvStoreType, appId.appId.c_str(), Anonymous::Change(storeId.storeId).c_str(), options.dataType); return INVALID_ARGUMENT; } + StoreMetaData metaData = GetStoreMetaData(appId, storeId, options.subUser); AddOptions(options, metaData); diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp index d0fed0f4d..792a8cf17 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp @@ -20,6 +20,7 @@ #include "log_print.h" #include "utils/anonymous.h" #include "utils/constant.h" +#include "utils/verification_utils.h" namespace OHOS::DistributedKv { using namespace OHOS::DistributedData; const KVDBServiceStub::Handler diff --git a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp index 4a6d2b2cc..fd8a647c6 100644 --- a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp @@ -1183,13 +1183,6 @@ HWTEST_F(KvdbServiceImplTest, PutSwitch, TestSize.Level0) switchData.length = DeviceMatrix::INVALID_LEVEL; status = kvdbServiceImpl_->PutSwitch(appId, switchData); EXPECT_EQ(status, Status::SUCCESS); - switchData.value = DeviceMatrix::INVALID_VALUE; - switchData.length = DeviceMatrix::INVALID_LENGTH; - status = kvdbServiceImpl_->PutSwitch(appId, switchData); - EXPECT_EQ(status, Status::INVALID_ARGUMENT); - Appid appId1 = "\\ohos.test.kvdb"; - status = kvdbServiceImpl_->PutSwitch(appId1, switchData); - EXPECT_EQ(status, Status::INVALID_ARGUMENT); std::string networkId = "networkId"; status = kvdbServiceImpl_->GetSwitch(appId, networkId, switchData); EXPECT_EQ(status, Status::INVALID_ARGUMENT); -- Gitee From 7f523c44f127ae29d83db1998586e3d5551379ac Mon Sep 17 00:00:00 2001 From: z30053452 Date: Wed, 16 Jul 2025 16:39:13 +0800 Subject: [PATCH 14/21] code fix Signed-off-by: z30053452 --- .../framework/include/utils/verification_utils.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/services/distributeddataservice/framework/include/utils/verification_utils.h b/services/distributeddataservice/framework/include/utils/verification_utils.h index cee20d0a7..e42cc09ca 100644 --- a/services/distributeddataservice/framework/include/utils/verification_utils.h +++ b/services/distributeddataservice/framework/include/utils/verification_utils.h @@ -14,12 +14,13 @@ */ #ifndef OHOS_DISTRIBUTED_DATA_FRAMEWORKS_VERIFICATION_UTILS_H #define OHOS_DISTRIBUTED_DATA_FRAMEWORKS_VERIFICATION_UTILS_H +#include "visibility.h" #include namespace OHOS { namespace DistributedData { class VerificationUtils { public: - static bool IsValidField(const std::string ¶m); + API_EXPORT static bool IsValidField(const std::string ¶m); }; } // namespace DistributedData } // namespace OHOS -- Gitee From 194b50b195bc0bf4e99fd75fc88d748ca5406345 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Wed, 16 Jul 2025 17:01:37 +0800 Subject: [PATCH 15/21] code fix Signed-off-by: z30053452 --- .../distributeddataservice/framework/BUILD.gn | 1 - .../include/utils/verification_utils.h | 27 -------- .../framework/test/BUILD.gn | 9 --- .../test/verification_utils_test.cpp | 61 ------------------- .../framework/utils/verification_utils.cpp | 29 --------- .../service/kvdb/kvdb_service_stub.cpp | 16 +++-- .../service/kvdb/kvdb_service_stub.h | 1 + .../test/kvdb_service_stub_unittest.cpp | 32 ++++++++++ 8 files changed, 44 insertions(+), 132 deletions(-) delete mode 100644 services/distributeddataservice/framework/include/utils/verification_utils.h delete mode 100644 services/distributeddataservice/framework/test/verification_utils_test.cpp delete mode 100644 services/distributeddataservice/framework/utils/verification_utils.cpp diff --git a/services/distributeddataservice/framework/BUILD.gn b/services/distributeddataservice/framework/BUILD.gn index e812213c2..c02ccc84c 100644 --- a/services/distributeddataservice/framework/BUILD.gn +++ b/services/distributeddataservice/framework/BUILD.gn @@ -113,7 +113,6 @@ ohos_shared_library("distributeddatasvcfwk") { "utils/crypto.cpp", "utils/ref_count.cpp", "utils/time_utils.cpp", - "utils/verification_utils.cpp", ] cflags = [ diff --git a/services/distributeddataservice/framework/include/utils/verification_utils.h b/services/distributeddataservice/framework/include/utils/verification_utils.h deleted file mode 100644 index e42cc09ca..000000000 --- a/services/distributeddataservice/framework/include/utils/verification_utils.h +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright (c) 2025 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef OHOS_DISTRIBUTED_DATA_FRAMEWORKS_VERIFICATION_UTILS_H -#define OHOS_DISTRIBUTED_DATA_FRAMEWORKS_VERIFICATION_UTILS_H -#include "visibility.h" -#include -namespace OHOS { -namespace DistributedData { -class VerificationUtils { -public: - API_EXPORT static bool IsValidField(const std::string ¶m); -}; -} // namespace DistributedData -} // namespace OHOS -#endif \ No newline at end of file diff --git a/services/distributeddataservice/framework/test/BUILD.gn b/services/distributeddataservice/framework/test/BUILD.gn index 38f653178..a1fa7e667 100644 --- a/services/distributeddataservice/framework/test/BUILD.gn +++ b/services/distributeddataservice/framework/test/BUILD.gn @@ -408,14 +408,6 @@ ohos_unittest("DeviceSyncAppManagerTest") { external_deps = [ "kv_store:datamgr_common" ] } -ohos_unittest("VerificationUtilsTest") { - module_out_path = module_output_path - sources = [ "verification_utils_test.cpp" ] - configs = [ ":module_private_config" ] - deps = [ "${data_service_path}/framework:distributeddatasvcfwk" ] - external_deps = [ "kv_store:datamgr_common" ] -} - ############################################################################### group("unittest") { testonly = true @@ -445,7 +437,6 @@ group("unittest") { ":StoreMetaDataLocalTest", ":StoreTest", ":SubscriptionTest", - ":VerificationUtilsTest" ] } ############################################################################### diff --git a/services/distributeddataservice/framework/test/verification_utils_test.cpp b/services/distributeddataservice/framework/test/verification_utils_test.cpp deleted file mode 100644 index a2b013626..000000000 --- a/services/distributeddataservice/framework/test/verification_utils_test.cpp +++ /dev/null @@ -1,61 +0,0 @@ -/* - -Copyright (c) 2023 Huawei Device Co., Ltd. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at -http://www.apache.org/licenses/LICENSE-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ -#include "utils/verification_utils.h" - -#include - -using namespace testing::ext; -using namespace OHOS::DistributedData; -namespace OHOS::Test { - class VerificationUtilsTest : public testing::Test { - public: - const std::map testRelation = { { "testUserId", "testBundleName" } }; - const std::map testExpiresTime = { { "1h", 3600 } }; - static void SetUpTestCase(void) {}; - static void TearDownTestCase(void) {}; - void SetUp() {}; - void TearDown() {}; - }; - -/** - -@tc.name: IsValidField001 -@tc.desc: IsValidField function test. -@tc.type: FUNC -*/ - HWTEST_F(VerificationUtilsTest, IsValidField001, TestSize.Level0) -{ - EXPECT_TRUE(VerificationUtils::IsValidField("validpath")); - EXPECT_TRUE(VerificationUtils::IsValidField("another_valid_path")); - EXPECT_TRUE(VerificationUtils::IsValidField("file123")); -} -/** - -@tc.name: IsValidField002 -@tc.desc: IsValidField function test. -@tc.type: FUNC -*/ -HWTEST_F(VerificationUtilsTest, IsValidField002, TestSize.Level0) -{ - EXPECT_FALSE(VerificationUtils::IsValidField("path/with/forward/slash")); - EXPECT_FALSE(VerificationUtils::IsValidField("/starting/slash")); - EXPECT_FALSE(VerificationUtils::IsValidField("ending/slash/")); - EXPECT_FALSE(VerificationUtils::IsValidField("path\\with\\backslash")); - EXPECT_FALSE(VerificationUtils::IfContainIsValidFieldIllegalField("\\starting\\ending")); - EXPECT_FALSE(VerificationUtils::IsValidField("ending\\")); - EXPECT_FALSE(VerificationUtils::IsValidField("..")); - EXPECT_FALSE(VerificationUtils::IsValidField("path/with\\mixed/slashes")); - EXPECT_FALSE(VerificationUtils::IsValidField("path\\with/mixed\\slashes")); -} -} // namespace OHOS::Test \ No newline at end of file diff --git a/services/distributeddataservice/framework/utils/verification_utils.cpp b/services/distributeddataservice/framework/utils/verification_utils.cpp deleted file mode 100644 index 66dcbe4df..000000000 --- a/services/distributeddataservice/framework/utils/verification_utils.cpp +++ /dev/null @@ -1,29 +0,0 @@ -/* - * Copyright (c) 2025 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#define LOG_TAG "VerificationUtils" -#include "utils/verification_utils.h" - -namespace OHOS { -namespace DistributedData { -bool VerificationUtils::IsValidField(const std::string ¶m) -{ - if ((param.find("/") != std::string::npos) || (param.find("\\") != std::string::npos) || (param == "..")) { - ZLOGE("check failed, param is: %{public}s", param.c_str()); - return false; - } - return true; -} -} // namespace DistributedData -} // namespace OHOS \ No newline at end of file diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp index 792a8cf17..c1d508018 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp @@ -20,7 +20,6 @@ #include "log_print.h" #include "utils/anonymous.h" #include "utils/constant.h" -#include "utils/verification_utils.h" namespace OHOS::DistributedKv { using namespace OHOS::DistributedData; const KVDBServiceStub::Handler @@ -142,8 +141,7 @@ int32_t KVDBServiceStub::OnBeforeCreate( Anonymous::Change(storeId.storeId).c_str()); return IPC_STUB_INVALID_DATA_ERR; } - if (!VerificationUtils::IsValidField(appId.appId) || !VerificationUtils::IsValidField(storeId.storeId) || - !VerificationUtils::IsValidField(options.hapName)) { + if (!IsValidField(appId.appId) || !IsValidField(storeId.storeId) || !IsValidField(options.hapName)) { return IPC_STUB_INVALID_DATA_ERR; } int32_t status = BeforeCreate(appId, storeId, options); @@ -165,8 +163,7 @@ int32_t KVDBServiceStub::OnAfterCreate( Anonymous::Change(storeId.storeId).c_str()); return IPC_STUB_INVALID_DATA_ERR; } - if (!VerificationUtils::IsValidField(appId.appId) || !VerificationUtils::IsValidField(storeId.storeId) || - !VerificationUtils::IsValidField(options.hapName)) { + if (!IsValidField(appId.appId) || !IsValidField(storeId.storeId) || !IsValidField(options.hapName)) { return IPC_STUB_INVALID_DATA_ERR; } int32_t status = AfterCreate(appId, storeId, options, password); @@ -588,4 +585,13 @@ int32_t KVDBServiceStub::OnRemoveDeviceData(const AppId &appId, const StoreId &s } return ERR_NONE; } + +bool KVDBServiceStub::IsValidField(const std::string ¶m) +{ + if ((param.find("/") != std::string::npos) || (param.find("\\") != std::string::npos) || (param == "..")) { + ZLOGE("check failed, param is: %{public}s", param.c_str()); + return false; + } + return true; +} } // namespace OHOS::DistributedKv diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_stub.h b/services/distributeddataservice/service/kvdb/kvdb_service_stub.h index f26cb7c83..ab87da37d 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_stub.h +++ b/services/distributeddataservice/service/kvdb/kvdb_service_stub.h @@ -62,6 +62,7 @@ private: bool CheckPermission(uint32_t code, const StoreInfo &storeInfo); std::pair GetStoreInfo(uint32_t code, MessageParcel &data); + bool IsValidField(const std::string ¶m); }; } // namespace OHOS::DistributedKv #endif // OHOS_DISTRIBUTED_DATA_SERVICE_KVDB_SERVICE_STUB_H diff --git a/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp b/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp index 6441f56d2..d762db1c7 100644 --- a/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp @@ -383,5 +383,37 @@ HWTEST_F(KVDBServiceStubTest, OnRemoveDeviceData, TestSize.Level1) auto status = kvdbServiceStub->OnRemoveDeviceData(appId, storeId, data, reply); EXPECT_EQ(status, IPC_STUB_INVALID_DATA_ERR); } + +/** + * @tc.name: IsValidField001 + * @tc.desc: IsValidField function test. + * @tc.type: FUNC + */ +HWTEST_F(VerificationUtilsTest, IsValidField001, TestSize.Level0) +{ + EXPECT_TRUE(kvdbServiceStub->IsValidField("validpath")); + EXPECT_TRUE(kvdbServiceStub->IsValidField("another_valid_path")); + EXPECT_TRUE(kvdbServiceStub->IsValidField("file123")); +} + +/** + * @tc.name: IsValidField002 + * @tc.desc: IsValidField function test. + * @tc.type: FUNC + */ +HWTEST_F(VerificationUtilsTest, IsValidField002, TestSize.Level0) +{ + EXPECT_FALSE(kvdbServiceStub->IsValidField("path/with/forward/slash")); + EXPECT_FALSE(kvdbServiceStub->IsValidField("/starting/slash")); + EXPECT_FALSE(kvdbServiceStub->IsValidField("ending/slash/")); + EXPECT_FALSE(kvdbServiceStub->IsValidField("path\\with\\backslash")); + EXPECT_FALSE(kvdbServiceStub->IfContainIsValidFieldIllegalField("\\starting\\ending")); + EXPECT_FALSE(kvdbServiceStub->IsValidField("ending\\")); + EXPECT_FALSE(kvdbServiceStub->IsValidField("..")); + EXPECT_FALSE(kvdbServiceStub->IsValidField("path/with\\mixed/slashes")); + EXPECT_FALSE(kvdbServiceStub->IsValidField("path\\with/mixed\\slashes")); +} + + } // namespace DistributedDataTest } // namespace OHOS::Test \ No newline at end of file -- Gitee From d26448be0c5ca322d4332a415a536848f0517ac3 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Wed, 16 Jul 2025 17:07:29 +0800 Subject: [PATCH 16/21] code fix Signed-off-by: z30053452 --- .../framework/test/BUILD.gn | 1 - .../service/test/kvdb_service_impl_test.cpp | 30 ------------------- 2 files changed, 31 deletions(-) diff --git a/services/distributeddataservice/framework/test/BUILD.gn b/services/distributeddataservice/framework/test/BUILD.gn index a1fa7e667..37a5bafdd 100644 --- a/services/distributeddataservice/framework/test/BUILD.gn +++ b/services/distributeddataservice/framework/test/BUILD.gn @@ -407,7 +407,6 @@ ohos_unittest("DeviceSyncAppManagerTest") { deps = [ "${data_service_path}/framework:distributeddatasvcfwk" ] external_deps = [ "kv_store:datamgr_common" ] } - ############################################################################### group("unittest") { testonly = true diff --git a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp index fd8a647c6..bc4c17a96 100644 --- a/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_impl_test.cpp @@ -1555,35 +1555,5 @@ HWTEST_F(KvdbServiceImplTest, SubscribeSwitchData, TestSize.Level0) status = kvdbServiceImpl_->UnregServiceNotifier(appId); ASSERT_EQ(status, Status::SUCCESS); } - -/** -* @tc.name: IsValidPath001 -* @tc.desc: IsValidPath function test. -* @tc.type: FUNC -*/ -HWTEST_F(KvdbServiceImplTest, IsValidPath001, TestSize.Level0) -{ - EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("validpath")); - EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("another_valid_path")); - EXPECT_TRUE(kvdbServiceImpl_->IsValidPath("file123")); -} - -/** -* @tc.name: IsValidPath002 -* @tc.desc: IsValidPath function test. -* @tc.type: FUNC -*/ -HWTEST_F(KvdbServiceImplTest, IsValidPath002, TestSize.Level0) -{ - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path/with/forward/slash")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("/starting/slash")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("ending/slash/")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path\\with\\backslash")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("\\starting\\backslash")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("ending\\backslash\\")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("..")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path/with\\mixed/slashes")); - EXPECT_FALSE(kvdbServiceImpl_->IsValidPath("path\\with/mixed\\slashes")); -} } // namespace DistributedDataTest } // namespace OHOS::Test -- Gitee From 772fd4b96d9aef002cd195d75bbdf76c13b439e2 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Wed, 16 Jul 2025 17:41:18 +0800 Subject: [PATCH 17/21] code fix Signed-off-by: z30053452 --- .../service/test/kvdb_service_stub_unittest.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp b/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp index d762db1c7..3c6c143c5 100644 --- a/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp @@ -389,7 +389,7 @@ HWTEST_F(KVDBServiceStubTest, OnRemoveDeviceData, TestSize.Level1) * @tc.desc: IsValidField function test. * @tc.type: FUNC */ -HWTEST_F(VerificationUtilsTest, IsValidField001, TestSize.Level0) +HWTEST_F(KVDBServiceStubTest, IsValidField001, TestSize.Level0) { EXPECT_TRUE(kvdbServiceStub->IsValidField("validpath")); EXPECT_TRUE(kvdbServiceStub->IsValidField("another_valid_path")); @@ -401,7 +401,7 @@ HWTEST_F(VerificationUtilsTest, IsValidField001, TestSize.Level0) * @tc.desc: IsValidField function test. * @tc.type: FUNC */ -HWTEST_F(VerificationUtilsTest, IsValidField002, TestSize.Level0) +HWTEST_F(KVDBServiceStubTest, IsValidField002, TestSize.Level0) { EXPECT_FALSE(kvdbServiceStub->IsValidField("path/with/forward/slash")); EXPECT_FALSE(kvdbServiceStub->IsValidField("/starting/slash")); -- Gitee From 4dcb9d6a97f96e9d4a70079950592be715b4d106 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Wed, 16 Jul 2025 18:01:53 +0800 Subject: [PATCH 18/21] code fix Signed-off-by: z30053452 --- .../service/test/kvdb_service_stub_unittest.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp b/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp index 3c6c143c5..28269f5cb 100644 --- a/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp +++ b/services/distributeddataservice/service/test/kvdb_service_stub_unittest.cpp @@ -407,7 +407,7 @@ HWTEST_F(KVDBServiceStubTest, IsValidField002, TestSize.Level0) EXPECT_FALSE(kvdbServiceStub->IsValidField("/starting/slash")); EXPECT_FALSE(kvdbServiceStub->IsValidField("ending/slash/")); EXPECT_FALSE(kvdbServiceStub->IsValidField("path\\with\\backslash")); - EXPECT_FALSE(kvdbServiceStub->IfContainIsValidFieldIllegalField("\\starting\\ending")); + EXPECT_FALSE(kvdbServiceStub->IsValidField("\\starting\\ending")); EXPECT_FALSE(kvdbServiceStub->IsValidField("ending\\")); EXPECT_FALSE(kvdbServiceStub->IsValidField("..")); EXPECT_FALSE(kvdbServiceStub->IsValidField("path/with\\mixed/slashes")); -- Gitee From 0ad64f8c841042b2c4aa037f4fea51f1b8597d9c Mon Sep 17 00:00:00 2001 From: z30053452 Date: Wed, 16 Jul 2025 18:25:17 +0800 Subject: [PATCH 19/21] code fix Signed-off-by: z30053452 --- .../service/kvdb/kvdb_service_stub.cpp | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp index c1d508018..aa5154d50 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp @@ -22,6 +22,10 @@ #include "utils/constant.h" namespace OHOS::DistributedKv { using namespace OHOS::DistributedData; +static constexpr const char *Slash = "/"; +static constexpr const char *BackSlash = "\\"; +static constexpr const char *Point = ".."; + const KVDBServiceStub::Handler KVDBServiceStub::HANDLERS[static_cast(KVDBServiceInterfaceCode::TRANS_BUTT)] = { &KVDBServiceStub::OnGetStoreIds, @@ -588,8 +592,8 @@ int32_t KVDBServiceStub::OnRemoveDeviceData(const AppId &appId, const StoreId &s bool KVDBServiceStub::IsValidField(const std::string ¶m) { - if ((param.find("/") != std::string::npos) || (param.find("\\") != std::string::npos) || (param == "..")) { - ZLOGE("check failed, param is: %{public}s", param.c_str()); + if ((param.find(Slash) != std::string::npos) || (param.find(BackSlash) != std::string::npos) || (param == Point)) { + ZLOGE("check failed, param is: %{public}s", Anonymous::Change(param.c_str()); return false; } return true; -- Gitee From e71e6136c1f5896ce91d60b4d00f1016e021d113 Mon Sep 17 00:00:00 2001 From: z30053452 Date: Wed, 16 Jul 2025 19:33:57 +0800 Subject: [PATCH 20/21] code fix Signed-off-by: z30053452 --- .../service/kvdb/kvdb_service_stub.cpp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp index aa5154d50..0d33c8cf0 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp @@ -22,9 +22,9 @@ #include "utils/constant.h" namespace OHOS::DistributedKv { using namespace OHOS::DistributedData; -static constexpr const char *Slash = "/"; -static constexpr const char *BackSlash = "\\"; -static constexpr const char *Point = ".."; +static constexpr const char *SLASH = "/"; +static constexpr const char *BACK_SLASH = "\\"; +static constexpr const char *POINT = ".."; const KVDBServiceStub::Handler KVDBServiceStub::HANDLERS[static_cast(KVDBServiceInterfaceCode::TRANS_BUTT)] = { @@ -592,8 +592,8 @@ int32_t KVDBServiceStub::OnRemoveDeviceData(const AppId &appId, const StoreId &s bool KVDBServiceStub::IsValidField(const std::string ¶m) { - if ((param.find(Slash) != std::string::npos) || (param.find(BackSlash) != std::string::npos) || (param == Point)) { - ZLOGE("check failed, param is: %{public}s", Anonymous::Change(param.c_str()); + if ((param.find(SLASH) != std::string::npos) || (param.find(BACK_SLASH) != std::string::npos) || (param == POINT)) { + ZLOGE("check failed, param is: %{public}s", Anonymous::Change(param.c_str())); return false; } return true; -- Gitee From 9bfbb548fc746b416440c9f51262f1872df3b454 Mon Sep 17 00:00:00 2001 From: zhiyihang Date: Wed, 16 Jul 2025 12:22:52 +0000 Subject: [PATCH 21/21] update services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp. Signed-off-by: zhiyihang --- .../distributeddataservice/service/kvdb/kvdb_service_stub.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp index 0d33c8cf0..4febb92f0 100644 --- a/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp +++ b/services/distributeddataservice/service/kvdb/kvdb_service_stub.cpp @@ -593,7 +593,7 @@ int32_t KVDBServiceStub::OnRemoveDeviceData(const AppId &appId, const StoreId &s bool KVDBServiceStub::IsValidField(const std::string ¶m) { if ((param.find(SLASH) != std::string::npos) || (param.find(BACK_SLASH) != std::string::npos) || (param == POINT)) { - ZLOGE("check failed, param is: %{public}s", Anonymous::Change(param.c_str())); + ZLOGE("check failed, param is: %{public}s", Anonymous::Change(param).c_str()); return false; } return true; -- Gitee