[couchdb] 03/04: validate docs for _bulk_get and _bulk_docs

[rnewson]

This is an automated email from the ASF dual-hosted git repository.

rnewson pushed a commit to branch user-partitioned-dbs-6
in repository https://gitbox.apache.org/repos/asf/couchdb.git

commit ab7e854d68d8981aac3d91f50ef43eeb83afda20
Author: Garren Smith <garren.sm...@gmail.com>
AuthorDate: Thu Sep 6 15:31:26 2018 +0200

    validate docs for _bulk_get and _bulk_docs
---
 src/chttpd/src/chttpd_db.erl | 15 +++++++++------
 src/couch/src/couch_doc.erl  |  2 +-
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/chttpd/src/chttpd_db.erl b/src/chttpd/src/chttpd_db.erl
index 3fe26a1..7707d12 100644
--- a/src/chttpd/src/chttpd_db.erl
+++ b/src/chttpd/src/chttpd_db.erl
@@ -471,7 +471,8 @@ 
db_req(#httpd{method='POST',path_parts=[_,<<"_bulk_docs">>], user_ctx=Ctx}=Req,
     true ->
         Docs = lists:map(
             fun(JsonObj) ->
-                Doc = couch_doc:from_json_obj_validate(JsonObj),
+                DbName = couch_db:name(Db),
+                Doc = couch_doc:from_json_obj_validate(JsonObj, DbName),
                 validate_attachment_names(Doc),
                 Id = case Doc#doc.id of
                     <<>> -> couch_uuids:new();
@@ -1701,7 +1702,7 @@ bulk_get_open_doc_revs(Db, {Props}, Options) ->
 
 
 bulk_get_open_doc_revs1(Db, Props, Options, {}) ->
-    case parse_field(<<"id">>, couch_util:get_value(<<"id">>, Props)) of
+    case parse_id_field(couch_util:get_value(<<"id">>, Props), Db) of
         {error, {DocId, Error, Reason}} ->
             {DocId, {error, {null, Error, Reason}}, Options};
 
@@ -1750,16 +1751,18 @@ bulk_get_open_doc_revs1(Db, Props, _, {DocId, Revs, 
Options}) ->
     end.
 
 
-parse_field(<<"id">>, undefined) ->
+parse_id_field(undefined, _Db) ->
     {ok, undefined};
-parse_field(<<"id">>, Value) ->
+parse_id_field(Value, Db) ->
     try
-        ok = couch_doc:validate_docid(Value),
+        ok = validate_docid(Value, couch_db:name(Db)),
         {ok, Value}
     catch
         throw:{Error, Reason} ->
             {error, {Value, Error, Reason}}
-    end;
+    end.
+
+
 parse_field(<<"rev">>, undefined) ->
     {ok, undefined};
 parse_field(<<"rev">>, Value) ->
diff --git a/src/couch/src/couch_doc.erl b/src/couch/src/couch_doc.erl
index f821696..135effd 100644
--- a/src/couch/src/couch_doc.erl
+++ b/src/couch/src/couch_doc.erl
@@ -221,7 +221,7 @@ validate_docid(DocId, DbName, Options) ->
                     case binary:split(DocId, <<":">>) of
                         [<<"_design/", _/binary>> | _Rest] ->
                             validate_docid(DocId);
-                        [Partition, Rest] ->
+                        [Partition, Rest] when Rest =/= <<>> ->
                             ok = validate_docid(Partition),
                             validate_docid(Rest);
                         _ ->