Improving session name check in policy-tool page.

Session name with '\' or '/' is not valid anymore. Bug: 820546 Change-Id: Ib79acb5902aa8ef5c686e15463258e32519df052 Reviewed-on: https://chromium-review.googlesource.com/981304Reviewed-by: Georges Khalil <georgesak@chromium.org> Reviewed-by: Dave Schuyler <dschuyler@chromium.org> Reviewed-by: Owen Min <zmin@chromium.org> Commit-Queue: Martin Rodriguez <rodmartin@google.com> Cr-Commit-Position: refs/heads/master@{#547533}

Improving session name check in policy-tool page.
Session name with '\' or '/' is not valid anymore. Bug: 820546 Change-Id: Ib79acb5902aa8ef5c686e15463258e32519df052 Reviewed-on: https://chromium-review.googlesource.com/981304Reviewed-by: Georges Khalil <georgesak@chromium.org> Reviewed-by: Dave Schuyler <dschuyler@chromium.org> Reviewed-by: Owen Min <zmin@chromium.org> Commit-Queue: Martin Rodriguez <rodmartin@google.com> Cr-Commit-Position: refs/heads/master@{#547533}
4459f6fe · rodmartin · Commit Bot · 6315430c · 4459f6fe · 4459f6fe
Commit 4459f6fe authored Apr 02, 2018 by rodmartin Committed by Commit Bot Apr 02, 2018
Showing with 14 additions and 1 deletion

chrome/browser/ui/webui/policy_tool_ui_browsertest.cc chrome/browser/ui/webui/policy_tool_ui_browsertest.cc +7 -0

chrome/browser/ui/webui/policy_tool_ui_handler.cc chrome/browser/ui/webui/policy_tool_ui_handler.cc +7 -1

No files found.
--- a/chrome/browser/ui/webui/policy_tool_ui_browsertest.cc
+++ b/chrome/browser/ui/webui/policy_tool_ui_browsertest.cc
@@ -353,6 +353,8 @@ IN_PROC_BROWSER_TEST_F(PolicyToolUITest, InvalidSessionName) {
  EXPECT_FALSE(IsInvalidSessionNameErrorMessageDisplayed());
  LoadSession("../test");
  EXPECT_TRUE(IsInvalidSessionNameErrorMessageDisplayed());
+  LoadSession("/full_path");
+  EXPECT_TRUE(IsInvalidSessionNameErrorMessageDisplayed());
  LoadSession("policy");
  EXPECT_FALSE(IsInvalidSessionNameErrorMessageDisplayed());
 }
@@ -505,4 +507,9 @@ IN_PROC_BROWSER_TEST_F(PolicyToolUITest, RenameSessionInvalidName) {
  expected.GetList().push_back(base::Value("1"));
  expected.GetList().push_back(base::Value("0"));
  EXPECT_EQ(expected, *ExtractSessionsList());
+
+  // Check that full path is not allowed
+  RenameSession("2", "/full_path");
+  EXPECT_TRUE(IsSessionRenameErrorMessageDisplayed());
+  EXPECT_EQ(expected, *ExtractSessionsList());
 }
--- a/chrome/browser/ui/webui/policy_tool_ui_handler.cc
+++ b/chrome/browser/ui/webui/policy_tool_ui_handler.cc
@@ -212,8 +212,14 @@ bool PolicyToolUIHandler::IsValidSessionName(
    const base::FilePath::StringType& name) const {
  // Check if the session name is valid, which means that it doesn't use
  // filesystem navigation (e.g. ../ or nested folder).
+
+  // Sanity check to avoid that GetSessionPath(|name|) crashed.
+  if (base::FilePath(name).IsAbsolute())
+    return false;
  base::FilePath session_path = GetSessionPath(name);
-  return !session_path.empty() && session_path.DirName() == sessions_dir_;
+  return !session_path.empty() && session_path.DirName() == sessions_dir_ &&
+         session_path.BaseName().RemoveExtension() == base::FilePath(name) &&
+         !session_path.EndsWithSeparator();
 }

 void PolicyToolUIHandler::HandleLoadSession(const base::ListValue* args) {