diff options
author | Stan Hu <stanhu@gmail.com> | 2018-06-05 14:39:44 -0700 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2018-06-05 14:39:44 -0700 |
commit | 36a8f1a677df85d61c4948e9f28293a1c75096a9 (patch) | |
tree | 436b9679c391a6e0b8deb8fc9664a1f4c5980c51 /spec | |
parent | 84dd83d6ab8dd69be8ff6ccfbe339c369c6fd41e (diff) | |
download | gitlab-ce-36a8f1a677df85d61c4948e9f28293a1c75096a9.tar.gz |
Reject GPG keys that have e-mail or names with non-valid UTF-8 encodings
These were causing 500 Errors when accessing GPG keys for some users.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/47280
Diffstat (limited to 'spec')
-rw-r--r-- | spec/lib/gitlab/gpg_spec.rb | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/spec/lib/gitlab/gpg_spec.rb b/spec/lib/gitlab/gpg_spec.rb index ab9a166db00..47f37cae98f 100644 --- a/spec/lib/gitlab/gpg_spec.rb +++ b/spec/lib/gitlab/gpg_spec.rb @@ -74,6 +74,19 @@ describe Gitlab::Gpg do email: 'nannie.bernhard@example.com' }]) end + + it 'rejects non UTF-8 names and addresses' do + public_key = double(:key) + fingerprints = double(:fingerprints) + email = "\xEEch@test.com".force_encoding('ASCII-8BIT') + uid = double(:uid, name: 'Test User', email: email) + raw_key = double(:raw_key, uids: [uid]) + allow(Gitlab::Gpg::CurrentKeyChain).to receive(:fingerprints_from_key).with(public_key).and_return(fingerprints) + allow(GPGME::Key).to receive(:find).with(:public, anything).and_return([raw_key]) + + user_infos = described_class.user_infos_from_key(public_key) + expect(user_infos).to eq([]) + end end describe '.current_home_dir' do |