added sanity checks on user/pass string length when creating user via…

… RPC API
MFrank2016 · Mar 13, 2020 · 1aef6e1 · 1aef6e1
1 parent bdfabe9
commit 1aef6e1
Show file tree

Hide file tree

Showing 2 changed files with 63 additions and 1 deletion.
diff --git a/api/keystore/service.go b/api/keystore/service.go
@@ -23,8 +23,14 @@ import (
 	jsoncodec "github.com/ava-labs/gecko/utils/json"
 )
 
+const (
+	// maxUserPassLen is the maximum length of the username or password allowed
+	maxUserPassLen = 1024
+)
+
 var (
-	errEmptyUsername = errors.New("username can't be the empty string")
+	errEmptyUsername     = errors.New("username can't be the empty string")
+	errUserPassMaxLength = errors.New(fmt.Sprintf("CreateUser call rejected due to username or password exceeding maximum length of %d chars", maxUserPassLen))
 )
 
 // KeyValuePair ...
@@ -114,6 +120,10 @@ func (ks *Keystore) CreateUser(_ *http.Request, args *CreateUserArgs, reply *Cre
 	ks.lock.Lock()
 	defer ks.lock.Unlock()
 
+	if len(args.Username) > maxUserPassLen || len(args.Password) > maxUserPassLen {
+		return errUserPassMaxLength
+	}
+
 	ks.log.Verbo("CreateUser called with %s", args.Username)
 
 	if args.Username == "" {

diff --git a/api/keystore/service_test.go b/api/keystore/service_test.go
@@ -5,6 +5,8 @@ package keystore
 
 import (
 	"bytes"
+	"fmt"
+	"math/rand"
 	"testing"
 
 	"github.com/ava-labs/gecko/database/memdb"
@@ -56,6 +58,56 @@ func TestServiceCreateUser(t *testing.T) {
 	}
 }
 
+// genStr returns a string of given length
+func genStr(n int) string {
+	b := make([]byte, n)
+	rand.Read(b)
+	return fmt.Sprintf("%x", b)[:n]
+}
+
+// TestServiceCreateUserArgsChecks generates excessively long usernames or
+// passwords to assure the santity checks on string length are not exceeded
+func TestServiceCreateUserArgsCheck(t *testing.T) {
+	ks := Keystore{}
+	ks.Initialize(logging.NoLog{}, memdb.New())
+
+	{
+		reply := CreateUserReply{}
+		err := ks.CreateUser(nil, &CreateUserArgs{
+			Username: genStr(maxUserPassLen + 1),
+			Password: "shortpass",
+		}, &reply)
+
+		if reply.Success || err != errUserPassMaxLength {
+			t.Fatal("User was created when it should have been rejected due to too long a Username, err =", err)
+		}
+	}
+
+	{
+		reply := CreateUserReply{}
+		err := ks.CreateUser(nil, &CreateUserArgs{
+			Username: "shortuser",
+			Password: genStr(maxUserPassLen + 1),
+		}, &reply)
+
+		if reply.Success || err != errUserPassMaxLength {
+			t.Fatal("User was created when it should have been rejected due to too long a Password, err =", err)
+		}
+	}
+
+	{
+		reply := ListUsersReply{}
+		if err := ks.ListUsers(nil, &ListUsersArgs{}, &reply); err != nil {
+			t.Fatal(err)
+		}
+
+		if len(reply.Users) > 0 {
+			t.Fatalf("A user exists when there should be none")
+		}
+	}
+
+}
+
 func TestServiceCreateDuplicate(t *testing.T) {
 	ks := Keystore{}
 	ks.Initialize(logging.NoLog{}, memdb.New())