- Strings::isHex() should not be misused for checking on NULL
This commit is contained in:
Roland Häder 2022-06-20 08:25:17 +02:00
parent 6743de63f5
commit e5cc7a5ab1
No known key found for this signature in database
GPG key ID: C82EDE5DDFA0BA77
2 changed files with 6 additions and 10 deletions

View file

@ -187,7 +187,7 @@ function photos_post(App $a)
} }
if (DI::args()->getArgc() > 3 && DI::args()->getArgv()[2] === 'album') { if (DI::args()->getArgc() > 3 && DI::args()->getArgv()[2] === 'album') {
if (!Strings::isHex(DI::args()->getArgv()[3])) { if (!Strings::isHex(DI::args()->getArgv()[3] ?? '')) {
DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album'); DI::baseUrl()->redirect('photos/' . $user['nickname'] . '/album');
} }
$album = hex2bin(DI::args()->getArgv()[3]); $album = hex2bin(DI::args()->getArgv()[3]);
@ -892,7 +892,7 @@ function photos_content(App $a)
return; return;
} }
$selname = Strings::isHex($datum) ? hex2bin($datum) : ''; $selname = (!is_null($datum) && Strings::isHex($datum)) ? hex2bin($datum) : '';
$albumselect = ''; $albumselect = '';
@ -954,7 +954,7 @@ function photos_content(App $a)
// Display a single photo album // Display a single photo album
if ($datatype === 'album') { if ($datatype === 'album') {
// if $datum is not a valid hex, redirect to the default page // if $datum is not a valid hex, redirect to the default page
if (!Strings::isHex($datum)) { if (is_null($datum) || !Strings::isHex($datum)) {
DI::baseUrl()->redirect('photos/' . $user['nickname']. '/album'); DI::baseUrl()->redirect('photos/' . $user['nickname']. '/album');
} }
$album = hex2bin($datum); $album = hex2bin($datum);

View file

@ -113,22 +113,18 @@ class StringsTest extends TestCase
'input' => '', 'input' => '',
'valid' => false, 'valid' => false,
], ],
'nullHex' => [
'input' => null,
'valid' => false,
],
]; ];
} }
/** /**
* Tests if the string is a valid hexadecimal value * Tests if the string is a valid hexadecimal value
* *
* @param string|null $input * @param string $input
* @param bool $valid * @param bool $valid
* *
* @dataProvider dataIsHex * @dataProvider dataIsHex
*/ */
public function testIsHex(string $input = null, bool $valid = false) public function testIsHex(string $input = '', bool $valid = false)
{ {
self::assertEquals($valid, Strings::isHex($input)); self::assertEquals($valid, Strings::isHex($input));
} }