[avro] branch branch-1.11 updated: Fix to deny invalid field names. (#2414)

Fri, 04 Aug 2023 00:33:42 -0700 

This is an automated email from the ASF dual-hosted git repository.

mgrigorov pushed a commit to branch branch-1.11
in repository https://gitbox.apache.org/repos/asf/avro.git


The following commit(s) were added to refs/heads/branch-1.11 by this push:
     new 05ecd9c1b Fix to deny invalid field names. (#2414)
05ecd9c1b is described below

commit 05ecd9c1bb545c5f63cbd2bf862d466185a4c7af
Author: Kousuke Saruta <[email protected]>
AuthorDate: Fri Aug 4 16:33:21 2023 +0900

    Fix to deny invalid field names. (#2414)
    
    (cherry picked from commit db359f50d44c2440fde15215f8dd46ec0eacc559)
---
 lang/rust/avro/src/error.rs  |  3 +++
 lang/rust/avro/src/schema.rs | 38 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 41 insertions(+)

diff --git a/lang/rust/avro/src/error.rs b/lang/rust/avro/src/error.rs
index f4479a1ae..a82147530 100644
--- a/lang/rust/avro/src/error.rs
+++ b/lang/rust/avro/src/error.rs
@@ -304,6 +304,9 @@ pub enum Error {
     #[error("Invalid enum symbol name {0}")]
     EnumSymbolName(String),
 
+    #[error("Invalid field name {0}")]
+    FieldName(String),
+
     #[error("Invalid schema name {0}. It must match the regex '{1}'")]
     InvalidSchemaName(String, &'static str),
 
diff --git a/lang/rust/avro/src/schema.rs b/lang/rust/avro/src/schema.rs
index 7dbf8a1f6..45333cf37 100644
--- a/lang/rust/avro/src/schema.rs
+++ b/lang/rust/avro/src/schema.rs
@@ -43,6 +43,8 @@ lazy_static! {
     // An optional namespace (with optional dots) followed by a name without 
any dots in it.
     static ref SCHEMA_NAME_R: Regex =
         
Regex::new(r"^((?P<namespace>[A-Za-z_][A-Za-z0-9_\.]*)*\.)?(?P<name>[A-Za-z_][A-Za-z0-9_]*)$").unwrap();
+
+    static ref FIELD_NAME_R: Regex = 
Regex::new(r"^[A-Za-z_][A-Za-z0-9_]*$").unwrap();
 }
 
 /// Represents an Avro schema fingerprint
@@ -622,6 +624,10 @@ impl RecordField {
     ) -> AvroResult<Self> {
         let name = field.name().ok_or(Error::GetNameFieldFromRecord)?;
 
+        if !FIELD_NAME_R.is_match(&name) {
+            return Err(Error::FieldName(name));
+        }
+
         // TODO: "type" = "<record name>"
         let schema = parser.parse_complex(field, enclosing_namespace)?;
 
@@ -4988,4 +4994,36 @@ mod tests {
 
         Ok(())
     }
+
+    #[test]
+    fn test_avro_3820_deny_invalid_field_names() -> TestResult {
+        let schema_str = r#"
+        {
+          "name": "my_record",
+          "type": "record",
+          "fields": [
+            {
+              "name": "f1.x",
+              "type": {
+                "name": "my_enum",
+                "type": "enum",
+                "symbols": ["a"]
+              }
+            },  {
+              "name": "f2",
+              "type": {
+                "name": "my_fixed",
+                "type": "fixed",
+                "size": 1
+              }
+            }
+          ]
+        }
+        "#;
+
+        match Schema::parse_str(schema_str) {
+            Err(Error::FieldName(x)) if x == "f1.x" => Ok(()),
+            other => Err(format!("Expected Error::FieldName, got 
{other:?}").into()),
+        }
+    }
 }

Reply via email to