SVSim/SVSimServer
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix(account): /account/update_name validates name input

Browse Source 
Reject empty / whitespace / explicit-null / over-cap names with 400
instead of NREing on null assignment or storing arbitrarily-long
strings the DB column has no cap on. 24-char limit is a conservative
backstop against direct API abuse; the client UI enforces its own
keyboard limit.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
gamer147
2026-05-28 21:11:27 -04:00
parent d13082a8ca
commit 91412ff821
2 changed files with 91 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
SVSim.EmulatedEntrypoint/Controllers/AccountController.cs
View File

@@ -10,6 +10,14 @@ namespace SVSim.EmulatedEntrypoint.Controllers;
/// </summary>
public class AccountController : SVSimController
{
/// <summary>
/// Conservative server-side cap on viewer display names. The client's UserNameInput
/// enforces its own limit at the keyboard; this is the backstop against direct API
/// abuse (10-MB names ballooning every subsequent /load/index, etc.). Names are
/// typically &lt;=20 chars in prod traffic.
/// </summary>
private const int MaxDisplayNameLength = 24;
private readonly SVSimDbContext _db;
public AccountController(SVSimDbContext db)
@@ -22,6 +30,14 @@ public class AccountController : SVSimController
{
if (!TryGetViewerId(out long viewerId)) return Unauthorized();
// Defensive null check: the DTO defaults to string.Empty but a JSON body with
// an explicit `"name": null` deserialises through msgpack→JSON→STJ to null, and
// assigning null to viewer.DisplayName (non-nullable in the entity) would NRE.
if (string.IsNullOrWhiteSpace(request.Name))
return BadRequest(new { error = "name_empty" });
if (request.Name.Length > MaxDisplayNameLength)
return BadRequest(new { error = "name_too_long" });
var viewer = await _db.Viewers.FirstAsync(v => v.Id == viewerId);
viewer.DisplayName = request.Name;
await _db.SaveChangesAsync();

75
SVSim.UnitTests/Controllers/AccountControllerTests.cs
View File

@@ -31,4 +31,79 @@ public class AccountControllerTests
var viewer = await db.Viewers.FirstAsync(v => v.Id == viewerId);
Assert.That(viewer.DisplayName, Is.EqualTo("littlefootse"));
}
[TestCase("")]
[TestCase(" ")]
[TestCase("\t\n")]
public async Task UpdateName_rejects_empty_or_whitespace(string name)
{
using var factory = new SVSimTestFactory();
long viewerId = await factory.SeedViewerAsync(tutorialState: 0);
using var client = factory.CreateAuthenticatedClient(viewerId);
var requestJson = $$"""{"name":{{JsonSerializer.Serialize(name)}},"viewer_id":"0","steam_id":0,"steam_session_ticket":""}""";
var response = await client.PostAsync("/account/update_name",
new StringContent(requestJson, Encoding.UTF8, "application/json"));
Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
// Display name remains the seeded default ("Test Viewer").
using var scope = factory.Services.CreateScope();
var db = scope.ServiceProvider.GetRequiredService<SVSimDbContext>();
var viewer = await db.Viewers.FirstAsync(v => v.Id == viewerId);
Assert.That(viewer.DisplayName, Is.EqualTo("Test Viewer"));
}
[Test]
public async Task UpdateName_rejects_explicit_null()
{
using var factory = new SVSimTestFactory();
long viewerId = await factory.SeedViewerAsync(tutorialState: 0);
using var client = factory.CreateAuthenticatedClient(viewerId);
// Explicit JSON null — used to NRE when the controller assigned request.Name
// (default string.Empty) straight to viewer.DisplayName without a null check.
var requestJson = """{"name":null,"viewer_id":"0","steam_id":0,"steam_session_ticket":""}""";
var response = await client.PostAsync("/account/update_name",
new StringContent(requestJson, Encoding.UTF8, "application/json"));
Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
}
[Test]
public async Task UpdateName_rejects_too_long_name()
{
using var factory = new SVSimTestFactory();
long viewerId = await factory.SeedViewerAsync(tutorialState: 0);
using var client = factory.CreateAuthenticatedClient(viewerId);
// 25 chars > the 24-char server cap.
var name = new string('a', 25);
var requestJson = $$"""{"name":"{{name}}","viewer_id":"0","steam_id":0,"steam_session_ticket":""}""";
var response = await client.PostAsync("/account/update_name",
new StringContent(requestJson, Encoding.UTF8, "application/json"));
Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.BadRequest));
}
[Test]
public async Task UpdateName_accepts_name_at_cap_boundary()
{
using var factory = new SVSimTestFactory();
long viewerId = await factory.SeedViewerAsync(tutorialState: 0);
using var client = factory.CreateAuthenticatedClient(viewerId);
// Exactly 24 chars — boundary case.
var name = new string('a', 24);
var requestJson = $$"""{"name":"{{name}}","viewer_id":"0","steam_id":0,"steam_session_ticket":""}""";
var response = await client.PostAsync("/account/update_name",
new StringContent(requestJson, Encoding.UTF8, "application/json"));
Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.OK));
using var scope = factory.Services.CreateScope();
var db = scope.ServiceProvider.GetRequiredService<SVSimDbContext>();
var viewer = await db.Viewers.FirstAsync(v => v.Id == viewerId);
Assert.That(viewer.DisplayName, Is.EqualTo(name));
}
}