Check username validity in the FakeAuthPolicyClient

chromeos/dbus/fake_auth_policy_client.cc

Index: chromeos/dbus/fake_auth_policy_client.cc
diff --git a/chromeos/dbus/fake_auth_policy_client.cc b/chromeos/dbus/fake_auth_policy_client.cc
index f37f1ea53bc88d6aa576485db9d67fb310e6978b..4f3a35ded30f6a9d54b64ba1d7c329a6f8eebb20 100644
--- a/chromeos/dbus/fake_auth_policy_client.cc
+++ b/chromeos/dbus/fake_auth_policy_client.cc
@@ -10,6 +10,7 @@
 #include "base/location.h"
 #include "base/md5.h"
 #include "base/path_service.h"
+#include "base/strings/string_split.h"
 #include "base/task_scheduler/post_task.h"
 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
 #include "chromeos/chromeos_paths.h"
@@ -24,6 +25,9 @@ namespace em = enterprise_management;
 
 namespace {
 
+const size_t kMaxMachineNameLength = 15;
+const char kInvalidMachineNameCharacters[] = "\\/:*?\"<>|";
+
 // Drop stub policy file of |policy_type| at |policy_path| containing
 // |serialized_payload|.
 bool WritePolicyFile(const base::FilePath& policy_path,
@@ -65,6 +69,25 @@ void FakeAuthPolicyClient::JoinAdDomain(const std::string& machine_name,
                                         const std::string& user_principal_name,
                                         int password_fd,
                                         const JoinCallback& callback) {
+  if (machine_name.size() > kMaxMachineNameLength) {
+    callback.Run(authpolicy::ERROR_MACHINE_NAME_TOO_LONG);
+    return;
+  }
+
+  if (machine_name.empty() ||
+      machine_name.find_first_of(kInvalidMachineNameCharacters) !=
+          std::string::npos) {
+    callback.Run(authpolicy::ERROR_BAD_MACHINE_NAME);
+    return;
+  }
+
+  std::vector<std::string> parts = base::SplitString(
+      user_principal_name, "@", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL);
+  if (parts.size() != 2 || parts[0].empty() || parts[1].empty()) {
+    callback.Run(authpolicy::ERROR_PARSE_UPN_FAILED);
+    return;
+  }
+
   callback.Run(authpolicy::ERROR_NONE);
 }