From 4ece7c2494e22c20f9e98fad655ca876fa1fc9dd Mon Sep 17 00:00:00 2001
From: Colin Darie
Date: Mon, 29 Aug 2022 10:20:05 +0200
Subject: [PATCH] fix(champ): remove null byte before save
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Les null bytes peuvent ĂȘtre injectĂ©s lors de c/c depuis certains documents, et ne sont pas sauvegardables en base, rendant la sauvegarde d'un dossier impossible. Closes #7656 https://sentry.io/organizations/demarches-simplifiees/issues/3194932607/activity/?project=1429550&query=is%3Aunresolved
---
 app/models/champ.rb | 7 +++++++
 spec/models/champ_spec.rb | 7 +++++++
 2 files changed, 14 insertions(+)
diff --git a/app/models/champ.rb b/app/models/champ.rb
index d984736d4..1839bb687 100644
--- a/app/models/champ.rb
+++ b/app/models/champ.rb
@@ -75,6 +75,7 @@ class Champ < ApplicationRecord
 before_create :set_dossier_id, if: :needs_dossier_id?
 before_validation :set_dossier_id, if: :needs_dossier_id?
 before_save :cleanup_if_empty
+ before_save :normalize
 after_update_commit :fetch_external_data_later
 validates :type_de_champ_id, uniqueness: { scope: [:dossier_id, :row] }
@@ -245,6 +246,12 @@ class Champ < ApplicationRecord
 end
 end
+ def normalize
+ return if value.nil?
+
+ self.value = value.delete("\u0000")
+ end
+
 class NotImplemented < ::StandardError
 def initialize(method)
 super(":#{method} not implemented")
diff --git a/spec/models/champ_spec.rb b/spec/models/champ_spec.rb
index 7c8be9a92..94cc2b4aa 100644
--- a/spec/models/champ_spec.rb
+++ b/spec/models/champ_spec.rb
@@ -26,6 +26,13 @@ describe Champ do
 end
 end
+ describe "normalization" do
+ it "should remove null bytes before save" do
+ champ = create(:champ, value: "foo\u0000bar")
+ expect(champ.value).to eq "foobar"
+ end
+ end
+
 describe '#public?' do
 let(:type_de_champ) { build(:type_de_champ) }
 let(:champ) { type_de_champ.champ.build }
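Review bot: `before_save :normalize` is registered after `before_save :cleanup_if_empty`, so the emptiness cleanup runs on the value before the null bytes are stripped. A value made only of null bytes turns into `""` after that cleanup has already run; `cleanup_if_empty` is defined outside this hunk, so whether that leaves an unwanted empty string should be confirmed. Moving the new line above `before_save :cleanup_if_empty` avoids the question. Because `before_save` runs after validation, any validator on `value` also still sees the raw input.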
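Review bot: `normalize` has no comment saying why it strips characters from user-supplied input, and the generic name does not convey it. A one-line comment above the method would do, for example `# Null bytes (pasted from some documents) cannot be stored in the database; strip them so the save succeeds.` The call to `value.delete` assumes `value` is a String whenever it is not nil. The subclasses of `Champ` are outside this hunk, so confirm none of them returns another type from `value`. Writes that skip callbacks, such as `update_column` or `update_all`, are not covered by this hook and would still hit the database error.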
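Review bot: The example asserts on the in-memory `champ.value`, so it does not show that the stored value is clean; `expect(champ.reload.value).to eq "foobar"` would pin what was actually persisted. Only the create path with a null byte in the middle of the string is covered. An update case such as `champ.update(value: "a\u0000")` and a `nil` value would also exercise the callback on existing records and the early return in `normalize`.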