Add basic input validation to {Meta,Target}File

Add basic checks for allowed input values during objects' serialization. Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2026-05-24 10:08:28 +00:00 · 2021-06-08 18:23:11 +03:00 · 2021-06-08 18:23:11 +03:00 · dcdd33287c
commit dcdd33287c
parent 22facb7753
1 changed files with 14 additions and 0 deletions
--- a/tuf/api/metadata.py
+++ b/tuf/api/metadata.py
@ -719,6 +719,13 @@ def from_dict(cls, meta_dict: Dict[str, Any]) -> "MetaFile":
        version = meta_dict.pop("version")
        length = meta_dict.pop("length", None)
        hashes = meta_dict.pop("hashes", None)
+
+        # Do some basic input validation
+        if version <= 0:
+            raise ValueError(f"Metafile version must be > 0, got {version}")
+        if length is not None and length <= 0:
+            raise ValueError(f"Metafile length must be > 0, got {length}")
+
        # All fields left in the meta_dict are unrecognized.
        return cls(version, length, hashes, meta_dict)

@ -1019,6 +1026,13 @@ def from_dict(cls, target_dict: Dict[str, Any]) -> "TargetFile":
        """Creates TargetFile object from its dict representation."""
        length = target_dict.pop("length")
        hashes = target_dict.pop("hashes")
+
+        # Do some basic validation checks
+        if length <= 0:
+            raise ValueError(f"Targetfile length must be > 0, got {length}")
+        if not hashes:
+            raise ValueError("Missing targetfile hashes")
+
        # All fields left in the target_dict are unrecognized.
        return cls(length, hashes, target_dict)