Fix CSPEE source intersection in services/network

The Content-Security-Policy source intersection algorithm implemented in https://crrev.com/c/2315687 had a small bug when intersecting port undefined with *. The bug would have been caught by the unit tests, but I had a small typo there which made half of the unit tests not run. Bug: 1094909 Change-Id: Iaa8122b6a9d5b5533362675a35c784780860f0c8 Cq-Do-Not-Cancel-Tryjobs: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2392455Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Commit-Queue: Antonio Sartori <antoniosartori@chromium.org> Cr-Commit-Position: refs/heads/master@{#804207}

Fix CSPEE source intersection in services/network
The Content-Security-Policy source intersection algorithm implemented in https://crrev.com/c/2315687 had a small bug when intersecting port undefined with *. The bug would have been caught by the unit tests, but I had a small typo there which made half of the unit tests not run. Bug: 1094909 Change-Id: Iaa8122b6a9d5b5533362675a35c784780860f0c8 Cq-Do-Not-Cancel-Tryjobs: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2392455Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Commit-Queue: Antonio Sartori <antoniosartori@chromium.org> Cr-Commit-Position: refs/heads/master@{#804207}
8050deeb · Antonio Sartori · Commit Bot · 2da46881 · 8050deeb · 8050deeb
Commit 8050deeb authored Sep 03, 2020 by Antonio Sartori Committed by Commit Bot Sep 03, 2020
2 changed files
--- a/services/network/public/cpp/content_security_policy/csp_source.cc
+++ b/services/network/public/cpp/content_security_policy/csp_source.cc
@@ -246,14 +246,18 @@ mojom::CSPSourcePtr CSPSourcesIntersect(const mojom::CSPSourcePtr& source_a,
    return nullptr;
  }
-  if (SourceAllowPort(source_a, source_b->port, source_b->scheme) !=
+  if (source_b->is_port_wildcard) {
-          PortMatchingResult::NotMatching &&
+    result->port = source_a->port;
-      // If port_a is explicitly specified but port_b is omitted, then we should
+    result->is_port_wildcard = source_a->is_port_wildcard;
-      // take port_a instead of port_b, since port_a is stricter.
+  } else if (source_a->is_port_wildcard) {
-      !(source_a->port != url::PORT_UNSPECIFIED &&
+    result->port = source_b->port;
-        source_b->port == url::PORT_UNSPECIFIED)) {
+  } else if (SourceAllowPort(source_a, source_b->port, source_b->scheme) !=
+                 PortMatchingResult::NotMatching &&
+             // If port_a is explicitly specified but port_b is omitted, then we
+             // should take port_a instead of port_b, since port_a is stricter.
+             !(source_a->port != url::PORT_UNSPECIFIED &&
+               source_b->port == url::PORT_UNSPECIFIED)) {
    result->port = source_b->port;
-    result->is_port_wildcard = source_b->is_port_wildcard;
  } else if (SourceAllowPort(source_b, source_a->port, source_a->scheme) !=
             PortMatchingResult::NotMatching) {
    result->port = source_a->port;

--- a/services/network/public/cpp/content_security_policy/csp_source_unittest.cc
+++ b/services/network/public/cpp/content_security_policy/csp_source_unittest.cc
@@ -358,6 +358,7 @@ TEST(CSPSourceTest, Intersect) {
       "https://example.org/page.html"},
      {"http://example.org:*/page.html", "https://example.org/",
       "https://example.org/page.html"},
+      {"http://*.example.com:*", "http://*.com", "http://*.example.com"},
      // Empty intersection
      {"data:", "http:", nullptr},
      {"data:", "http://example.org", nullptr},
@@ -373,7 +374,7 @@ TEST(CSPSourceTest, Intersect) {
    auto b = CSPSource(test.b);
    auto a_intersect_b = CSPSourcesIntersect(a, b);
-    auto b_intersect_a = CSPSourcesIntersect(a, b);
+    auto b_intersect_a = CSPSourcesIntersect(b, a);
    if (test.intersection) {
      EXPECT_EQ(test.intersection, ToString(a_intersect_b))
          << "The intersection of " << test.a << " and " << test.b