[server] Fix quotes in system comments

Commenting on an issue using quotes results to the error "No closing quotation" because of `shlex.split`.
Ericsson · Jan 12, 2021 · 4e0c80b · 4e0c80b
1 parent 64ccd97
commit 4e0c80b
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 23 deletions.
diff --git a/web/server/codechecker_server/api/report_server.py b/web/server/codechecker_server/api/report_server.py
@@ -695,12 +695,19 @@ def get_comment_msg(comment):
     """
     context = webserver_context.get_context()
     message = comment.message.decode('utf-8')
-    sys_comment = comment_kind_from_thrift_type(
-        ttypes.CommentKind.SYSTEM)
+    sys_comment = comment_kind_from_thrift_type(ttypes.CommentKind.SYSTEM)
+
     if comment.kind == sys_comment:
-        elements = shlex.split(message)
-        system_comment = context.system_comment_map.get(
-            elements[0])
+        try:
+            elements = shlex.split(message)
+        except ValueError:
+            # In earlier CodeChecker we saved system comments
+            # without escaping special characters such as
+            # quotes. This is kept only for backward
+            # compatibility reason.
+            elements = shlex.split(shlex.quote(message))
+
+        system_comment = context.system_comment_map.get(elements[0])
         if system_comment:
             for idx, value in enumerate(elements[1:]):
                 system_comment = system_comment.replace(
@@ -875,17 +882,6 @@ def sort_run_data_query(query, sort_mode):
     return query
 
 
-def escape_whitespaces(s, whitespaces=None):
-    if not whitespaces:
-        whitespaces = [' ', '\n', '\t', '\r']
-
-    escaped = s
-    for w in whitespaces:
-        escaped = escaped.replace(w, '\\{0}'.format(w))
-
-    return escaped
-
-
 def get_failed_files_query(session, run_ids, query_fields,
                            extra_sub_query_fields=None):
     """
@@ -1590,14 +1586,13 @@ def _setReviewStatus(self, session, report_id, status, message, date=None):
 
             # Create a system comment if the review status or the message
             # is changed.
-            old_review_status = escape_whitespaces(old_status.capitalize())
-            new_review_status = \
-                escape_whitespaces(review_status.status.capitalize())
+            old_review_status = shlex.quote(old_status.capitalize())
+            new_review_status = shlex.quote(review_status.status.capitalize())
             if message:
                 system_comment_msg = \
                     'rev_st_changed_msg {0} {1} {2}'.format(
                         old_review_status, new_review_status,
-                        escape_whitespaces(message))
+                        shlex.quote(message))
             else:
                 system_comment_msg = 'rev_st_changed {0} {1}'.format(
                     old_review_status, new_review_status)
@@ -1760,8 +1755,8 @@ def updateComment(self, comment_id, content):
                 message = comment.message.decode('utf-8')
                 if message != content:
                     system_comment_msg = 'comment_changed {0} {1}'.format(
-                        escape_whitespaces(message),
-                        escape_whitespaces(content))
+                        shlex.quote(message),
+                        shlex.quote(content))
 
                     system_comment = \
                         self.__add_comment(comment.bug_hash,

diff --git a/web/tests/functional/comment/test_comment.py b/web/tests/functional/comment/test_comment.py
@@ -160,7 +160,7 @@ def test_comment(self):
         self.assertEqual(num_comment, 1)
 
         # Edit the message of the first remaining comment
-        new_msg = 'New msg'
+        new_msg = "New msg'\"`"
         success = self._cc_client.updateComment(comments[0].id, new_msg)
         self.assertTrue(success)
         logging.debug('Comment edited successfully')