diff options
author | Carlos Garnacho <carlosg@gnome.org> | 2022-09-02 17:41:02 +0200 |
---|---|---|
committer | Carlos Garnacho <carlosg@gnome.org> | 2022-09-02 17:55:40 +0200 |
commit | 33031007c73c8e6c2121a86f2642446cbe5fc511 (patch) | |
tree | 4e8759667807f71124044bc44cef4ee5fa1c5882 /tests | |
parent | c52e664ca968d47ee7d0e6f0a0fe908dccbfc7c8 (diff) | |
download | tracker-33031007c73c8e6c2121a86f2642446cbe5fc511.tar.gz |
libtracker-sparql: Escape illegal characters in IRIREF from TrackerResource
Currently, all IRIREF going through SPARQL updates will be validated for the
characters being in the expected set (https://www.w3.org/TR/sparql11-query/#rIRIREF),
meanwhile TrackerResource is pretty liberal in the characters used by a
TrackerResource identifier or IRI reference.
This disagreement causes has 2 possible outcomes:
- If the resource is inserted via print_sparql_update(), print_rdf() or alike while
containing illegal characters, it will find errors when handling the SPARQL update.
- If the resource is directly inserted via TrackerBatch or update_resource(), the
validation step will be bypassed, ending up with an IRI that contains illegal
characters as per the SPARQL grammar.
In order to make TrackerResource friendly to e.g. sloppy IRI composition and avoid
these ugly situations when an illegal char sneaks in, make it escape the IRIs as
defined by IRIREF in the SPARQL grammar definition. This way every method of insertion
will succeed and be most correct with the given input.
Also, add tests for this behavior, to ensure we escape what should be escaped.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/libtracker-sparql/tracker-resource-test.c | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/tests/libtracker-sparql/tracker-resource-test.c b/tests/libtracker-sparql/tracker-resource-test.c index dfd7ab188..aa78ea552 100644 --- a/tests/libtracker-sparql/tracker-resource-test.c +++ b/tests/libtracker-sparql/tracker-resource-test.c @@ -220,6 +220,36 @@ test_resource_serialization (void) g_object_unref (copy); } +static void +test_resource_iri_valid_chars (void) +{ + TrackerResource *resource; + + resource = tracker_resource_new ("http://example.com/resource"); + tracker_resource_set_uri (resource, "rdf:type", "http://example.com/resource"); + g_assert_cmpstr (tracker_resource_get_identifier (resource), ==, "http://example.com/resource"); + g_assert_cmpstr (tracker_resource_get_first_uri (resource, "rdf:type"), ==, "http://example.com/resource"); + g_object_unref (resource); + + resource = tracker_resource_new ("http://example.com/♥️"); + tracker_resource_set_uri (resource, "rdf:type", "http://example.com/♥️"); + g_assert_cmpstr (tracker_resource_get_identifier (resource), ==, "http://example.com/♥️"); + g_assert_cmpstr (tracker_resource_get_first_uri (resource, "rdf:type"), ==, "http://example.com/♥️"); + g_object_unref (resource); + + resource = tracker_resource_new ("http://example.com/{}\\`\"^|"); + tracker_resource_set_uri (resource, "rdf:type", "http://example.com/{}\\`\"^|"); + g_assert_cmpstr (tracker_resource_get_identifier (resource), ==, "http://example.com/%7B%7D%5C%60%22%5E%7C"); + g_assert_cmpstr (tracker_resource_get_first_uri (resource, "rdf:type"), ==, "http://example.com/%7B%7D%5C%60%22%5E%7C"); + g_object_unref (resource); + + resource = tracker_resource_new ("http://example.com/\x1f"); + tracker_resource_set_uri (resource, "rdf:type", "http://example.com/\x1f"); + g_assert_cmpstr (tracker_resource_get_identifier (resource), ==, "http://example.com/%1F"); + g_assert_cmpstr (tracker_resource_get_first_uri (resource, "rdf:type"), ==, "http://example.com/%1F"); + g_object_unref (resource); +} + int main (int argc, char **argv) @@ -240,6 +270,8 @@ main (int argc, test_resource_get_set_pointer_validation); g_test_add_func ("/libtracker-sparql/tracker-resource/serialization", test_resource_serialization); + g_test_add_func ("/libtracker-sparql/tracker-resource/iri-valid-chars", + test_resource_iri_valid_chars); return g_test_run (); } |