From 838b1ee7e9b664f8a1f0987cc3d76df666e131c5 Mon Sep 17 00:00:00 2001
From: Matt Amos
Date: Sun, 8 Aug 2010 15:47:55 +0100
Subject: [PATCH] Fixed AMF controller to validate changeset comments

Fixed AMF controller so that it doesn't accept non-UTF8 comments, and throws away non-XML characters.
---
 app/controllers/amf_controller.rb | 13 ++++++++++++-
 test/functional/amf_controller_test.rb | 18 ++++++++++++++++++
 2 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb
index 447ebbc5f..0b04f0f35 100644
--- a/app/controllers/amf_controller.rb
+++ b/app/controllers/amf_controller.rb
@@ -187,6 +187,11 @@ class AmfController < ApplicationController
 if !user then return -1,"You are not logged in, so Potlatch can't write any changes to the database." end
 unless user.active_blocks.empty? then return -1,t('application.setup_user_auth.blocked') end
 
+ if cstags
+ if !tags_ok(cstags) then return -1,"One of the tags is invalid. Linux users may need to upgrade to Flash Player 10.1." end
+ cstags = strip_non_xml_chars cstags
+ end
+
 # close previous changeset and add comment
 if closeid
 cs = Changeset.find(closeid.to_i)
@@ -197,6 +202,8 @@ class AmfController < ApplicationController
 cs.save!
 else
 cs.tags['comment']=closecomment
+ # in case closecomment has chars not allowed in xml
+ cs.tags = strip_non_xml_chars cs.tags
 cs.save_with_tags!
 end
 end
@@ -206,7 +213,11 @@ class AmfController < ApplicationController
 cs = Changeset.new
 cs.tags = cstags
 cs.user_id = user.id
- if !closecomment.empty? then cs.tags['comment']=closecomment end
+ if !closecomment.empty?
+ cs.tags['comment']=closecomment
+ # in case closecomment has chars not allowed in xml
+ cs.tags = strip_non_xml_chars cs.tags
+ end
 # smsm1 doesn't like the next two lines and thinks they need to be abstracted to the model more/better
 cs.created_at = Time.now.getutc
 cs.closed_at = cs.created_at + Changeset::IDLE_TIMEOUT
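Review bot: `closecomment` never goes through `tags_ok`; only `cstags` does, so whatever that check rejects for tags (the commit message describes it as non-UTF8 input) is still accepted when it arrives as the comment, which the two later hunks only pass through `strip_non_xml_chars` before saving. If `tags_ok` takes a tag hash, as its call here suggests, the same guard belongs next to the new block: `if !closecomment.empty? && !tags_ok('comment' => closecomment) then return -1,"The changeset comment is invalid." end`. Separately, when `cstags` is nil the new guard is skipped and the third hunk's `cs.tags = cstags` followed by `cs.tags['comment']=closecomment` operates on nil; that is pre-existing, but this block is the natural place to default it with `cstags ||= {}`. The enclosing method (presumably the startchangeset handler the new test exercises) begins before this hunk and continues past the last one.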
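Review bot: `cs.tags = strip_non_xml_chars cs.tags` in the second hunk re-filters every tag of an existing changeset being closed, not just the comment that was set on the line above, so tags written earlier by other code paths are silently rewritten on close; the same line in the third hunk re-strips `cstags`, which the first hunk already stripped. Sanitizing only the value being set keeps the change to what the commit intends, e.g. `cs.tags['comment'] = strip_non_xml_chars(closecomment)`, provided `strip_non_xml_chars` has a String form — on this page it is only ever called with a Hash, so that needs confirming. In the third hunk `if !closecomment.empty?` reads more idiomatically as `unless closecomment.empty?`. Both hunks sit inside a method that begins before the first hunk and continues past the last.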
diff --git a/test/functional/amf_controller_test.rb b/test/functional/amf_controller_test.rb
index 3bb1d273e..2c76dfc9c 100644
--- a/test/functional/amf_controller_test.rb
+++ b/test/functional/amf_controller_test.rb
@@ -529,6 +529,24 @@ class AmfControllerTest < ActionController::TestCase
 end
+ def test_startchangeset_invalid_xmlchar_comment
+ invalid = "\035\022"
+ comment = "foo#{invalid}bar"
+
+ amf_content "startchangeset", "/1", ["test@example.com:test", Hash.new, nil, comment, 1]
+ post :amf_write
+ assert_response :success
+ amf_parse_response
+ result = amf_result("/1")
+
+ assert_equal 3, result.size, result.inspect
+ assert_equal 0, result[0]
+ new_cs_id = result[2]
+
+ cs = Changeset.find(new_cs_id)
+ assert_equal "foobar", cs.tags["comment"]
+ end
+
 # ************************************************************
 # AMF Helper functions
-- 
2.43.2
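Review bot: The new test only exercises the stripping path for a freshly opened changeset; nothing covers the new `tags_ok` rejection (the `-1` return added in the first controller hunk) or the `closeid` branch where the comment is stripped on an existing changeset, so the commit message's claim that non-UTF8 comments are rejected has no test behind it. A companion test posting a tag hash that `tags_ok` rejects and asserting `assert_equal(-1, result[0])` would pin that branch. Minor style: `Hash.new` as the tags argument is more conventionally `{}`, and `invalid = "\035\022"` deserves a short comment naming the bytes, e.g. `# control characters 0x1d and 0x12, which XML 1.0 does not allow`.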