author | Ronny <ronny@apache.org> | 2022-06-22 15:32:55 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-06-22 15:32:55 +0200 |
commit | c417303eff34ed1dfaa3f0d45ec3ce0b7ddbdd62 (patch) | |
tree | 09308181ee9c18836b9b04aa952cdc775831e171 | |
parent | 116c4e95636483143830d2c3ca9c3e2f68ff2b23 (diff) | |
download | couchdb-c417303eff34ed1dfaa3f0d45ec3ce0b7ddbdd62.tar.gz |
Prevent error:function_clause in check_security/3 if roles claim is malformed (#4070)
If the given UserRoles/Roles/Names aren't lists, ordsets:from_list/1
or lists:member will fail with an error. Prevent this with Erlang
Pattern Matching and the Robot Butt Rule [1].
Thanks @nickva
[1] https://medium.com/erlang-battleground/ode-to-the-robot-butt-bbd69e69beb2
-rw-r--r-- | src/couch/src/couch_db.erl | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/couch/src/couch_db.erl b/src/couch/src/couch_db.erl
index caf8157a0..c7f1c8b5f 100644
--- a/src/couch/src/couch_db.erl
+++ b/src/couch/src/couch_db.erl
@@ -742,18 +742,18 @@ is_authorized(#user_ctx{name = UserName, roles = UserRoles}, Security) ->
 false -> check_security(names, UserName, Names)
 end.
 
-check_security(roles, [], _) ->
- false;
-check_security(roles, UserRoles, Roles) ->
+check_security(roles, [_ | _] = UserRoles, [_ | _] = Roles) ->
 UserRolesSet = ordsets:from_list(UserRoles),
 RolesSet = ordsets:from_list(Roles),
 not ordsets:is_disjoint(UserRolesSet, RolesSet);
-check_security(names, _, []) ->
+check_security(roles, _, _) ->
 false;
 check_security(names, null, _) ->
 false;
-check_security(names, UserName, Names) ->
- lists:member(UserName, Names).
+check_security(names, UserName, [_ | _] = Names) ->
+ lists:member(UserName, Names);
+check_security(names, _, _) ->
+ false.
 
 throw_security_error(#user_ctx{name = null} = UserCtx) ->
 Reason = <<"You are not authorized to access this db.">>, |
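Review bot: The two new fallback clauses, `check_security(roles, _, _) -> false` and `check_security(names, _, _) -> false`, turn a malformed roles or names value into a silent denial, so an operator can no longer tell a badly formed claim from an ordinary unauthorized user. Failing closed is the right outcome, but the non-list value is still carried in `#user_ctx.roles` (see the `is_authorized` head in the hunk header). Any other reader of that field, not visible in this hunk, may therefore still crash on it; validating the claim where it is decoded would cover those callers as well. I would at least document the intent above the first clause, e.g. `%% Non-list or empty roles/names never match: deny access (fail closed).`, and add a regression test that passes a non-list roles value, since the diffstat shows only `couch_db.erl` changed.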