timothyhinrichs / rsbc

Rails Security By Construction

Ruby nil? to Javascript null #3

Closed michaelcueno closed 12 years ago

michaelcueno commented 12 years ago

So far I have encountered these cases with nil -----> From https://github.com/edavis10/redmine/blob/master/app/models/issue.rb#L395

if self.due_date.nil? && @attributes['due_date'] && !@attributes['due_date'].empty?
      errors.add :due_date, :not_a_date
end

At this point our translator treats instance variables as if they were local variables and so our plato_output looks like this: (Don't pay attention to how .empty? gets translated, I haven't extended the translator for this yet)

(AND (AND (=> (AND (== ?DUE_DATE NULL) (AND ?DUE_DATE (NOT (?DUE_DATE)))) FALSE)))) Plato doesn't like this

Focus on how self.due_date.nil? translates to (== ?DUE_DATE NULL). I don't know if this will work on the JavaScript side.

Another thing to consider is when we have something in ruby like

if self.due_date then    #do something 

Plato would see it as (?due_date) which doesn't work because it needs to evaluate to either true or false, right?

Translation for nil? in our code

ghost commented 12 years ago

Inline.

Tim

On Wed, Jun 20, 2012 at 3:53 PM, mcueno2 reply@reply.github.com wrote:

So far I have encountered these cases with nil -----> From https://github.com/edavis10/redmine/blob/master/app/models/issue.rb#L395

if self.due_date.nil? && @attributes['due_date'] && !@attributes['due_date'].empty?
     errors.add :due_date, :not_a_date
end

This is weird. self.due_date.nil? and @attributes['due_date'] can never be true at the same time, right? Because @attributes['due_date'] requires 'due_date' to be non-nil.

At this point our translator treats instance variables as if they were local variables and so our plato_output looks like this: (Don't pay attention to how .empty? gets translated, I haven't extended the translator for this yet)

(AND (AND (=> (AND (== ?DUE_DATE NULL) (AND ?DUE_DATE (NOT (?DUE_DATE)))) FALSE))))  Plato doesn't like this

Focus on how self.due_date.nil? translates to (== ?DUE_DATE NULL). I don't know if this will work on the JavaScript side.

I need to think about this. For the time being, let's think of any validator using nil? as one of the classes of validators that we're recording when doing our study. (We may or may not end up handling it.)

Another thing to consider is when we have something in ruby like

if self.due_date then    #do something

Plato would see it as  (?due_date) which doesn't work because it needs to evaluate to either true or false, right?

If I remember right, (=> ?due_date false) should be okay because I'm translating it into something like (=> (= ?due_date true) false). Try the plato_check.

But (=> (?due_date) false) will NOT be okay because it thinks that (?due_date) is a function. Again try plato_check. I can probably fix the latter if it's a pain to eliminate those extra parentheses.

Tim

Translation for nil? in our code


Reply to this email directly or view it on GitHub: https://github.com/thinrich/rsbc/issues/3

ghost commented 12 years ago

Here's what I'm thinking about NIL?. First some background on what data gets sent to the server when the user submits a form. In our birthday example, if the user supplies Jan 19 2009 then the server (basically) sees...

month: Jan
day: 19
year: 2009

If the user leaves the month blank, then the server sees

month:
day: 19
year: 2009

In both these cases month.nil? is false. In the second case month's value is the empty string, so month.empty() is true and month == "" is true.

Sometimes though, the server will not be sent any value for month---not even the empty string. The server will simply receive ...

day: 19
year: 2009

Here month.nil? is true. I don't know all of the reasons that MONTH is left out of the submission, but one of them is when the controller is deemed DISABLED. For example, if the HTML for a textbox is

then month will not be submitted to the server, regardless of what value the user has entered. The reason this is important is that the check for nil? is qualitatively different than the other checks we've seen. It is not a check based on the current value of a textbox; it is a check based on the DOM properties of the textbox (e.g. whether DISABLED is true).

So NIL? is not something Plato will be able to handle without some tweaking. So let's add NIL? to our list of validator characteristics so that when we do our study we can see how prevalent NIL? is.

I'll open 2 issues on Plato: one for error messages and one for NIL. Is there anything else we've wanted Plato to do but doesn't?

Tim

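As an added example (not code from the rsbc project or from either commenter), the following JavaScript models the three submissions described in the comment above: a filled month, a blank month, and a disabled month control that the browser leaves out of the request. The field objects are constructed stand-ins for DOM inputs, and the predicates apply Ruby's semantics to the resulting params hash; the `jsTruthy` column goes one step beyond the comment by showing that a naive JS `if (month)` disagrees with Ruby's `if month` on the empty string, since Ruby treats only nil and false as falsy.

```javascript
// Constructed stand-ins for three form submissions (each object models one
// <input name=...> control); these are not real DOM elements.
const FILLED = [
  { name: 'month', value: 'Jan',  disabled: false },
  { name: 'day',   value: '19',   disabled: false },
  { name: 'year',  value: '2009', disabled: false },
];
const BLANK_MONTH = [
  { name: 'month', value: '',     disabled: false }, // left blank: submits ""
  { name: 'day',   value: '19',   disabled: false },
  { name: 'year',  value: '2009', disabled: false },
];
const DISABLED_MONTH = [
  { name: 'month', value: 'Jan',  disabled: true },  // typed, but disabled
  { name: 'day',   value: '19',   disabled: false },
  { name: 'year',  value: '2009', disabled: false },
];

// The params hash the server receives: a disabled control is not a
// "successful control", so its name is absent from the request entirely,
// whereas a blank enabled control still sends the empty string.
function submittedParams(fields) {
  const params = {};
  for (const f of fields) {
    if (f.disabled) continue;   // browser omits the control
    params[f.name] = f.value;   // blank textbox still submits ""
  }
  return params;
}

// Ruby predicates evaluated over the params hash, as the server sees them.
const isNil   = (p, k) => !(k in p) || p[k] == null;          // month.nil?
const isEmpty = (p, k) => !isNil(p, k) && p[k].length === 0;  // month.empty?
// Ruby truthiness: only nil and false are falsy, so "" is truthy.
const rubyTruthy = (p, k) => !isNil(p, k) && p[k] !== false;  // if month then

// All three checks for one field, plus naive JS truthiness for contrast.
function checks(fields, k) {
  const p = submittedParams(fields);
  return {
    nil: isNil(p, k),
    empty: isEmpty(p, k),
    truthy: rubyTruthy(p, k),
    jsTruthy: Boolean(p[k]),   // what `if (month)` would do in JS
  };
}
```

For the disabled case the value the user typed never reaches the server, so a client-side translation of a nil? check has to look at the control's disabled property, not at its value.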

michaelcueno commented 12 years ago

Ok sounds good.

Nothing comes to mind at the moment for plato, but I'll keep my eyes open