From d3d28a0d9440f89ff0b4cce17d247dc9483bc1a3 Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Wed, 11 Oct 2023 14:26:11 +0200 Subject: [PATCH] Add label validation for non printable chars (#1650) (#1659) * Add label validation for non printable chars * Fix printable chars check (cherry picked from commit 1a22c29ea463adad37da5329865f83a199b237d9) Co-authored-by: pinosu <95283998+pinosu@users.noreply.github.com> --- x/wasm/types/tx_test.go | 36 ++++++++++++++++++++++++++++++++++++ x/wasm/types/validation.go | 10 ++++++++++ 2 files changed, 46 insertions(+) diff --git a/x/wasm/types/tx_test.go b/x/wasm/types/tx_test.go index 2e980fd795..52605edba1 100644 --- a/x/wasm/types/tx_test.go +++ b/x/wasm/types/tx_test.go @@ -115,6 +115,42 @@ func TestInstantiateContractValidation(t *testing.T) { }, valid: false, }, + "white space ending label": { + msg: MsgInstantiateContract{ + Sender: goodAddress, + CodeID: firstCodeID, + Label: "foo ", + Msg: []byte("{}"), + }, + valid: false, + }, + "non printable chars ending label": { + msg: MsgInstantiateContract{ + Sender: goodAddress, + CodeID: firstCodeID, + Label: "foo\v", + Msg: []byte("{}"), + }, + valid: false, + }, + "non printable chars in label": { + msg: MsgInstantiateContract{ + Sender: goodAddress, + CodeID: firstCodeID, + Label: "f\voo", + Msg: []byte("{}"), + }, + valid: false, + }, + "non printable chars beginning label": { + msg: MsgInstantiateContract{ + Sender: goodAddress, + CodeID: firstCodeID, + Label: "\vfoo", + Msg: []byte("{}"), + }, + valid: false, + }, "label too long": { msg: MsgInstantiateContract{ Sender: goodAddress, diff --git a/x/wasm/types/validation.go b/x/wasm/types/validation.go index 7282c01e1d..cbdeb77d57 100644 --- a/x/wasm/types/validation.go +++ b/x/wasm/types/validation.go @@ -4,6 +4,7 @@ import ( "fmt" "net/url" "strings" + "unicode" "github.com/docker/distribution/reference" @@ -45,6 +46,15 @@ func ValidateLabel(label string) error { if label != strings.TrimSpace(label) { return ErrInvalid.Wrap("label must not start/end with whitespaces") } + labelWithPrintableCharsOnly := strings.Map(func(r rune) rune { + if unicode.IsPrint(r) { + return r + } + return -1 + }, label) + if label != labelWithPrintableCharsOnly { + return ErrInvalid.Wrap("label must have printable characters only") + } return nil }