aboutsummaryrefslogtreecommitdiffstats
path: root/bridge/github
diff options
context:
space:
mode:
authorMichael Muré <batolettre@gmail.com>2021-04-17 17:40:11 +0200
committerMichael Muré <batolettre@gmail.com>2021-04-17 17:40:11 +0200
commit51a2c85954e77068c6afbb4ca54159086220aefd (patch)
tree9b424181369a67f69502a27186bd266a19a28506 /bridge/github
parent62fb09a53cc626ac581f33b466a1cdf14eb6ed89 (diff)
downloadgit-bug-51a2c85954e77068c6afbb4ca54159086220aefd.tar.gz
make sure every text input is safe and validated
fix #630
Diffstat (limited to 'bridge/github')
-rw-r--r--bridge/github/import.go27
1 files changed, 7 insertions, 20 deletions
diff --git a/bridge/github/import.go b/bridge/github/import.go
index bf43a877..f410cc65 100644
--- a/bridge/github/import.go
+++ b/bridge/github/import.go
@@ -211,17 +211,13 @@ func (gi *githubImporter) ensureIssue(ctx context.Context, repo *cache.RepoCache
// if there are no issue edits then the issue struct holds the bug creation
textInput = string(issue.Body)
}
- cleanText, err := text.Cleanup(textInput)
- if err != nil {
- return nil, err
- }
// create bug
b, _, err = repo.NewBugRaw(
author,
issue.CreatedAt.Unix(),
- title, // TODO: this is the *current* title, not the original one
- cleanText,
+ text.CleanupOneLine(title), // TODO: this is the *current* title, not the original one
+ text.Cleanup(textInput),
nil,
map[string]string{
core.MetaKeyOrigin: target,
@@ -269,7 +265,7 @@ func (gi *githubImporter) ensureTimelineItem(ctx context.Context, repo *cache.Re
author,
item.LabeledEvent.CreatedAt.Unix(),
[]string{
- string(item.LabeledEvent.Label.Name),
+ text.CleanupOneLine(string(item.LabeledEvent.Label.Name)),
},
nil,
map[string]string{metaKeyGithubId: id},
@@ -300,7 +296,7 @@ func (gi *githubImporter) ensureTimelineItem(ctx context.Context, repo *cache.Re
item.UnlabeledEvent.CreatedAt.Unix(),
nil,
[]string{
- string(item.UnlabeledEvent.Label.Name),
+ text.CleanupOneLine(string(item.UnlabeledEvent.Label.Name)),
},
map[string]string{metaKeyGithubId: id},
)
@@ -382,7 +378,7 @@ func (gi *githubImporter) ensureTimelineItem(ctx context.Context, repo *cache.Re
// The title provided by the GraphQL API actually consists of a space followed
// by a zero width space (U+200B). This title would cause the NewBugRaw()
// function to return an error: empty title.
- title := string(item.RenamedTitleEvent.CurrentTitle)
+ title := text.CleanupOneLine(string(item.RenamedTitleEvent.CurrentTitle))
if title == " \u200b" { // U+200B == zero width space
title = EmptyTitlePlaceholder
}
@@ -429,17 +425,12 @@ func (gi *githubImporter) ensureCommentEdit(ctx context.Context, repo *cache.Rep
return nil
}
- cleanText, err := text.Cleanup(string(*edit.Diff))
- if err != nil {
- return err
- }
-
// comment edition
op, err := b.EditCommentRaw(
editor,
edit.CreatedAt.Unix(),
target,
- cleanText,
+ text.Cleanup(string(*edit.Diff)),
map[string]string{
metaKeyGithubId: parseId(edit.Id),
},
@@ -476,16 +467,12 @@ func (gi *githubImporter) ensureComment(ctx context.Context, repo *cache.RepoCac
// if there are not comment edits, then the comment struct holds the comment creation
textInput = string(comment.Body)
}
- cleanText, err := text.Cleanup(textInput)
- if err != nil {
- return err
- }
// add comment operation
op, err := b.AddCommentRaw(
author,
comment.CreatedAt.Unix(),
- cleanText,
+ text.Cleanup(textInput),
nil,
map[string]string{
metaKeyGithubId: parseId(comment.Id),