components/autofill/core/common/autofill_data_validation.cc

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "components/autofill/core/common/autofill_data_validation.h"
   6
   7 #include "components/autofill/core/common/form_data.h"
   8 #include "components/autofill/core/common/form_field_data.h"
   9 #include "components/autofill/core/common/password_form_fill_data.h"
  10 #include "url/gurl.h"
  11
  12 namespace autofill {
  13
  14 const size_t kMaxDataLength = 1024;
  15
  16 // Allow enough space for all countries (roughly 300 distinct values) and all
  17 // timezones (roughly 400 distinct values), plus some extra wiggle room.
  18 const size_t kMaxListSize = 512;
  19
  20 bool IsValidString(const std::string& str) {
  21   return str.size() <= kMaxDataLength;
  22 }
  23
  24 bool IsValidString16(const base::string16& str) {
  25   return str.size() <= kMaxDataLength;
  26 }
  27
  28 bool IsValidGURL(const GURL& url) {
  29   return url.is_empty() || url.is_valid();
  30 }
  31
  32 bool IsValidFormFieldData(const FormFieldData& field) {
  33   return
  34       IsValidString16(field.label) &&
  35       IsValidString16(field.name) &&
  36       IsValidString16(field.value) &&
  37       IsValidString(field.form_control_type) &&
  38       IsValidString(field.autocomplete_attribute) &&
  39       IsValidString16Vector(field.option_values) &&
  40       IsValidString16Vector(field.option_contents);
  41 }
  42
  43 bool IsValidFormData(const FormData& form) {
  44   if (!IsValidString16(form.name) ||
  45       !IsValidGURL(form.origin) ||
  46       !IsValidGURL(form.action))
  47     return false;
  48
  49   if (form.fields.size() > kMaxListSize)
  50     return false;
  51
  52   for (std::vector<FormFieldData>::const_iterator it = form.fields.begin();
  53        it != form.fields.end(); ++it) {
  54     if (!IsValidFormFieldData(*it))
  55       return false;
  56   }
  57
  58   return true;
  59 }
  60
  61 bool IsValidPasswordFormFillData(const PasswordFormFillData& form) {
  62   if (!IsValidFormData(form.basic_data) ||
  63       !IsValidString(form.preferred_realm))
  64     return false;
  65
  66   for (PasswordFormFillData::LoginCollection::const_iterator it =
  67            form.additional_logins.begin();
  68        it != form.additional_logins.end(); ++it) {
  69     if (!IsValidString16(it->first) ||
  70         !IsValidString16(it->second.password) ||
  71         !IsValidString(it->second.realm))
  72       return false;
  73   }
  74
  75   for (PasswordFormFillData::UsernamesCollection::const_iterator it =
  76            form.other_possible_usernames.begin();
  77        it != form.other_possible_usernames.end(); ++it) {
  78     if (!IsValidString16(it->first.username) ||
  79         !IsValidString16(it->first.password) ||
  80         !IsValidString(it->first.realm) ||
  81         !IsValidString16Vector(it->second))
  82       return false;
  83   }
  84
  85   return true;
  86 }
  87
  88 bool IsValidString16Vector(const std::vector<base::string16>& v) {
  89   if (v.size() > kMaxListSize)
  90     return false;
  91
  92   for (std::vector<base::string16>::const_iterator it = v.begin();
  93        it != v.end(); ++it) {
  94     if (!IsValidString16(*it))
  95       return false;
  96   }
  97
  98   return true;
  99 }
 100
 101 bool IsValidFormDataVector(const std::vector<FormData>& v) {
 102   if (v.size() > kMaxListSize)
 103     return false;
 104
 105   for (std::vector<FormData>::const_iterator it = v.begin(); it != v.end();
 106        ++it) {
 107     if (!IsValidFormData(*it))
 108       return false;
 109   }
 110
 111   return true;
 112 }
 113
 114 }  // namespace autofill