From 6b57cb6b7cc02ddf3d2ad408f5b95ec71debdeaa Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Mon, 24 Sep 2018 16:20:57 +0200 Subject: [PATCH] fix strict Application ID checks * upper case letters are allowed at all positions * there must be a "." separator --- fdroidserver/common.py | 2 +- tests/common.TestCase | 38 ++++++++++++++++++++++++++++++-------- 2 files changed, 31 insertions(+), 9 deletions(-) diff --git a/fdroidserver/common.py b/fdroidserver/common.py index 084f982f..9e1c49f6 100644 --- a/fdroidserver/common.py +++ b/fdroidserver/common.py @@ -77,7 +77,7 @@ APK_NAME_REGEX = re.compile(r'^([a-zA-Z][\w.]*)_(-?[0-9]+)_?([0-9a-f]{7})?\.apk' APK_ID_TRIPLET_REGEX = re.compile(r"^package: name='(\w[^']*)' versionCode='([^']+)' versionName='([^']*)'") STANDARD_FILE_NAME_REGEX = re.compile(r'^(\w[\w.]*)_(-?[0-9]+)\.\w+') FDROID_PACKAGE_NAME_REGEX = re.compile(r'''^[a-f0-9]+$''', re.IGNORECASE) -STRICT_APPLICATION_ID_REGEX = re.compile(r'''(?:^[a-z_]+(?:\d*[a-zA-Z_]*)*)(?:\.[a-z_]+(?:\d*[a-zA-Z_]*)*)*$''') +STRICT_APPLICATION_ID_REGEX = re.compile(r'''(?:^[a-zA-Z]+(?:\d*[a-zA-Z_]*)*)(?:\.[a-zA-Z]+(?:\d*[a-zA-Z_]*)*)+$''') VALID_APPLICATION_ID_REGEX = re.compile(r'''(?:^[a-z_]+(?:\d*[a-zA-Z_]*)*)(?:\.[a-z_]+(?:\d*[a-zA-Z_]*)*)*$''', re.IGNORECASE) diff --git a/tests/common.TestCase b/tests/common.TestCase index 125f0961..518a0a49 100755 --- a/tests/common.TestCase +++ b/tests/common.TestCase @@ -172,16 +172,38 @@ class CommonTest(unittest.TestCase): self.assertFalse(fdroidserver.common.is_apk_and_debuggable_androguard(apkfile), 'androguard missed !') + VALID_STRICT_PACKAGE_NAMES = [ + "An.stop", + "SpeedoMeterApp.main", + "a2dp.Vol", + "au.com.darkside.XServer", + "click.dummer.UartSmartwatch", + "com.Bisha.TI89EmuDonation", + "com.MarcosDiez.shareviahttp", + "com.Pau.ImapNotes2", + "com.app.Zensuren", + "com.darshancomputing.BatteryIndicator", + "com.geecko.QuickLyric", + "com.genonbeta.TrebleShot", + "com.gpl.rpg.AndorsTrail", + "com.hobbyone.HashDroid", + "com.moez.QKSMS", + "com.platypus.SAnd", + "com.prhlt.aemus.Read4SpeechExperiments", + "de.syss.MifareClassicTool", + "org.fdroid.fdroid", + "org.f_droid.fdr0ID", + ] + def test_is_valid_package_name(self): - for name in ["cafebabe", - "org.fdroid.fdroid", - "org.f_droid.fdr0ID", - "SpeedoMeterApp.main", - "05041684efd9b16c2888b1eddbadd0359f655f311b89bdd1737f560a10d20fb8"]: + for name in self.VALID_STRICT_PACKAGE_NAMES + [ + "_SpeedoMeterApp.main", + "05041684efd9b16c2888b1eddbadd0359f655f311b89bdd1737f560a10d20fb8"]: self.assertTrue(fdroidserver.common.is_valid_package_name(name), "{0} should be a valid package name".format(name)) for name in ["0rg.fdroid.fdroid", ".f_droid.fdr0ID", + "trailingdot.", "org.fdroid/fdroid", "/org.fdroid.fdroid"]: self.assertFalse(fdroidserver.common.is_valid_package_name(name), @@ -189,17 +211,17 @@ class CommonTest(unittest.TestCase): def test_is_strict_application_id(self): """see also tests/valid-package-names/""" - for name in ["org.fdroid.fdroid", - "org.f_droid.fdr0ID"]: + for name in self.VALID_STRICT_PACKAGE_NAMES: self.assertTrue(fdroidserver.common.is_strict_application_id(name), "{0} should be a strict application id".format(name)) for name in ["0rg.fdroid.fdroid", ".f_droid.fdr0ID", "oneword", + "trailingdot.", "cafebabe", - "SpeedoMeterApp.main", "org.fdroid/fdroid", "/org.fdroid.fdroid", + "_SpeedoMeterApp.main", "05041684efd9b16c2888b1eddbadd0359f655f311b89bdd1737f560a10d20fb8"]: self.assertFalse(fdroidserver.common.is_strict_application_id(name), "{0} should not be a strict application id".format(name))