magento
diff --git a/‎app/code/Magento/Captcha/Model/DefaultModel.php
Lines changed: 15 additions & 7 deletions b/‎app/code/Magento/Captcha/Model/DefaultModel.php
Lines changed: 15 additions & 7 deletions
diff --git a/‎app/code/Magento/Captcha/Test/Unit/Model/DefaultTest.php
Lines changed: 37 additions & 0 deletions b/‎app/code/Magento/Captcha/Test/Unit/Model/DefaultTest.php
Lines changed: 37 additions & 0 deletions
diff --git a/‎app/code/Magento/Checkout/Model/ShippingInformationManagement.php
Lines changed: 23 additions & 18 deletions b/‎app/code/Magento/Checkout/Model/ShippingInformationManagement.php
Lines changed: 23 additions & 18 deletions
diff --git a/‎app/code/Magento/Checkout/Test/Unit/Model/ShippingInformationManagementTest.php
Lines changed: 19 additions & 22 deletions b/‎app/code/Magento/Checkout/Test/Unit/Model/ShippingInformationManagementTest.php
Lines changed: 19 additions & 22 deletions
diff --git a/‎app/code/Magento/Cms/Helper/Wysiwyg/Images.php
Lines changed: 17 additions & 7 deletions b/‎app/code/Magento/Cms/Helper/Wysiwyg/Images.php
Lines changed: 17 additions & 7 deletions
@@ -5,9 +5,13 @@
  */
 namespace Magento\Captcha\Model;
 
+use Magento\Framework\Math\Random;
+
 /**
  * Implementation of \Zend_Captcha
  *
+ * @SuppressWarnings(PHPMD.CookieAndSessionMisuse)
+ *
  * @author     Magento Core Team <core@magentocommerce.com>
  */
 class DefaultModel extends \Zend_Captcha_Image implements \Magento\Captcha\Model\CaptchaInterface
@@ -68,22 +72,30 @@ class DefaultModel extends \Zend_Captcha_Image implements \Magento\Captcha\Model
      */
     protected $_session;
 
+    /**
+     * @var Random
+     */
+    private $randomMath;
+
     /**
      * @param \Magento\Framework\Session\SessionManagerInterface $session
      * @param \Magento\Captcha\Helper\Data $captchaData
      * @param \Magento\Captcha\Model\ResourceModel\LogFactory $resLogFactory
      * @param string $formId
+     * @param Random $randomMath
      */
     public function __construct(
         \Magento\Framework\Session\SessionManagerInterface $session,
         \Magento\Captcha\Helper\Data $captchaData,
         \Magento\Captcha\Model\ResourceModel\LogFactory $resLogFactory,
-        $formId
+        $formId,
+        Random $randomMath = null
     ) {
         $this->_session = $session;
         $this->_captchaData = $captchaData;
         $this->_resLogFactory = $resLogFactory;
         $this->_formId = $formId;
+        $this->randomMath = $randomMath ?: \Magento\Framework\App\ObjectManager::getInstance()->get(Random::class);
     }
 
     /**
@@ -361,13 +373,9 @@ public function setShowCaptchaInSession($value = true)
      */
     protected function _generateWord()
     {
-        $word = '';
-        $symbols = $this->_getSymbols();
+        $symbols = (string)$this->_captchaData->getConfig('symbols');
         $wordLen = $this->_getWordLen();
-        for ($i = 0; $i < $wordLen; $i++) {
-            $word .= $symbols[array_rand($symbols)];
-        }
-        return $word;
+        return $this->randomMath->getRandomString($wordLen, $symbols);
     }
 
     /**
 
@@ -376,4 +376,41 @@ public function isShownToLoggedInUserDataProvider()
             [false, 'guest_checkout']
         ];
     }
+
+    /**
+     * @param string $string
+     * @dataProvider generateWordProvider
+     * @throws \ReflectionException
+     */
+    public function testGenerateWord($string)
+    {
+        $randomMock = $this->getMock('Magento\Framework\Math\Random');
+        $randomMock->expects($this->once())
+            ->method('getRandomString')
+            ->will($this->returnValue($string));
+
+        $captcha = new \Magento\Captcha\Model\DefaultModel(
+            $this->session,
+            $this->_getHelperStub(),
+            $this->_resLogFactory,
+            'user_create',
+            $randomMock
+        );
+
+        $method = new \ReflectionMethod($captcha, '_generateWord');
+        $method->setAccessible(true);
+        $this->assertEquals($string, $method->invoke($captcha));
+    }
+
+    /**
+     * @return array
+     */
+    public function generateWordProvider()
+    {
+        return [
+            ['ABC123'],
+            ['1234567890'],
+            ['The quick brown fox jumps over the lazy dog.']
+        ];
+    }
 }
@@ -18,6 +18,8 @@
 use Magento\Framework\App\ObjectManager;
 
 /**
+ * Class ShippingInformationManagement
+ *
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  */
 class ShippingInformationManagement implements \Magento\Checkout\Api\ShippingInformationManagementInterface
@@ -149,31 +151,32 @@ public function saveAddressInformation(
         $cartId,
         \Magento\Checkout\Api\Data\ShippingInformationInterface $addressInformation
     ) {
-        $address = $addressInformation->getShippingAddress();
-        $billingAddress = $addressInformation->getBillingAddress();
-        $carrierCode = $addressInformation->getShippingCarrierCode();
-        $methodCode = $addressInformation->getShippingMethodCode();
-
-        if (!$address->getCustomerAddressId()) {
-            $address->setCustomerAddressId(null);
-        }
-
-        if (!$address->getCountryId()) {
-            throw new StateException(__('Shipping address is not set'));
-        }
-
         /** @var \Magento\Quote\Model\Quote $quote */
         $quote = $this->quoteRepository->getActive($cartId);
-        $address->setLimitCarrier($carrierCode);
-        $quote = $this->prepareShippingAssignment($quote, $address, $carrierCode . '_' . $methodCode);
         $this->validateQuote($quote);
-        $quote->setIsMultiShipping(false);
 
-        if ($billingAddress) {
-            $quote->setBillingAddress($billingAddress);
+        $address = $addressInformation->getShippingAddress();
+        if (!$address || !$address->getCountryId()) {
+            throw new StateException(__('Shipping address is not set'));
+        }
+        if (!$address->getCustomerAddressId()) {
+            $address->setCustomerAddressId(null);
         }
 
         try {
+            $billingAddress = $addressInformation->getBillingAddress();
+            if ($billingAddress) {
+                $this->addressValidator->validateForCart($quote, $billingAddress);
+                $quote->setBillingAddress($billingAddress);
+            }
+
+            $this->addressValidator->validateForCart($quote, $address);
+            $carrierCode = $addressInformation->getShippingCarrierCode();
+            $address->setLimitCarrier($carrierCode);
+            $methodCode = $addressInformation->getShippingMethodCode();
+            $quote = $this->prepareShippingAssignment($quote, $address, $carrierCode . '_' . $methodCode);
+            $quote->setIsMultiShipping(false);
+
             $this->quoteRepository->save($quote);
         } catch (\Exception $e) {
             $this->logger->critical($e);
@@ -211,6 +214,8 @@ protected function validateQuote(\Magento\Quote\Model\Quote $quote)
     }
 
     /**
+     * Prepare shipping assignment.
+     *
      * @param CartInterface $quote
      * @param AddressInterface $address
      * @param string $method
 
@@ -5,6 +5,8 @@
  */
 namespace Magento\Checkout\Test\Unit\Model;
 
+use Magento\Quote\Model\QuoteAddressValidator;
+
 /**
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  * @SuppressWarnings(PHPMD.TooManyFields)
@@ -149,6 +151,7 @@ protected function setUp()
             $this->getMock(\Magento\Quote\Api\Data\CartExtensionFactory::class, ['create'], [], '', false);
         $this->shippingFactoryMock =
             $this->getMock(\Magento\Quote\Model\ShippingFactory::class, ['create'], [], '', false);
+        $this->addressValidatorMock = $this->getMock(QuoteAddressValidator::class, [], [], '', false);
 
         $this->model = $this->objectManager->getObject(
             \Magento\Checkout\Model\ShippingInformationManagement::class,
@@ -157,6 +160,7 @@ protected function setUp()
                 'paymentDetailsFactory' => $this->paymentDetailsFactoryMock,
                 'cartTotalsRepository' => $this->cartTotalsRepositoryMock,
                 'quoteRepository' => $this->quoteRepositoryMock,
+                'addressValidator' => $this->addressValidatorMock,
             ]
         );
         $this->objectManager->setBackwardCompatibleProperty(
@@ -183,22 +187,8 @@ protected function setUp()
     public function testSaveAddressInformationIfCartIsEmpty()
     {
         $cartId = 100;
-        $carrierCode = 'carrier_code';
-        $shippingMethod = 'shipping_method';
         $addressInformationMock = $this->getMock(\Magento\Checkout\Api\Data\ShippingInformationInterface::class);
 
-        $billingAddress = $this->getMock(\Magento\Quote\Api\Data\AddressInterface::class);
-        $addressInformationMock->expects($this->once())
-            ->method('getShippingAddress')
-            ->willReturn($this->shippingAddressMock);
-        $addressInformationMock->expects($this->once())->method('getBillingAddress')->willReturn($billingAddress);
-        $addressInformationMock->expects($this->once())->method('getShippingCarrierCode')->willReturn($carrierCode);
-        $addressInformationMock->expects($this->once())->method('getShippingMethodCode')->willReturn($shippingMethod);
-
-        $this->shippingAddressMock->expects($this->once())->method('getCountryId')->willReturn('USA');
-
-        $this->setShippingAssignmentsMocks($carrierCode . '_' . $shippingMethod);
-
         $this->quoteMock->expects($this->once())->method('getItemsCount')->willReturn(0);
         $this->quoteRepositoryMock->expects($this->once())
             ->method('getActive')
@@ -271,21 +261,19 @@ private function setShippingAssignmentsMocks($shippingMethod)
     public function testSaveAddressInformationIfShippingAddressNotSet()
     {
         $cartId = 100;
-        $carrierCode = 'carrier_code';
-        $shippingMethod = 'shipping_method';
         $addressInformationMock = $this->getMock(\Magento\Checkout\Api\Data\ShippingInformationInterface::class);
-
         $addressInformationMock->expects($this->once())
             ->method('getShippingAddress')
             ->willReturn($this->shippingAddressMock);
-        $addressInformationMock->expects($this->once())->method('getShippingCarrierCode')->willReturn($carrierCode);
-        $addressInformationMock->expects($this->once())->method('getShippingMethodCode')->willReturn($shippingMethod);
-
-        $billingAddress = $this->getMock(\Magento\Quote\Api\Data\AddressInterface::class);
-        $addressInformationMock->expects($this->once())->method('getBillingAddress')->willReturn($billingAddress);
 
         $this->shippingAddressMock->expects($this->once())->method('getCountryId')->willReturn(null);
 
+        $this->quoteRepositoryMock->expects($this->once())
+            ->method('getActive')
+            ->with($cartId)
+            ->willReturn($this->quoteMock);
+        $this->quoteMock->expects($this->once())->method('getItemsCount')->willReturn(100);
+
         $this->model->saveAddressInformation($cartId, $addressInformationMock);
     }
 
@@ -300,6 +288,9 @@ public function testSaveAddressInformationIfCanNotSaveQuote()
         $shippingMethod = 'shipping_method';
         $addressInformationMock = $this->getMock(\Magento\Checkout\Api\Data\ShippingInformationInterface::class);
 
+        $this->addressValidatorMock->expects($this->exactly(2))
+            ->method('validateForCart');
+
         $this->quoteRepositoryMock->expects($this->once())
             ->method('getActive')
             ->with($cartId)
@@ -341,6 +332,9 @@ public function testSaveAddressInformationIfCarrierCodeIsInvalid()
         $shippingMethod = 'shipping_method';
         $addressInformationMock = $this->getMock(\Magento\Checkout\Api\Data\ShippingInformationInterface::class);
 
+        $this->addressValidatorMock->expects($this->exactly(2))
+            ->method('validateForCart');
+
         $this->quoteRepositoryMock->expects($this->once())
             ->method('getActive')
             ->with($cartId)
@@ -382,6 +376,9 @@ public function testSaveAddressInformation()
         $shippingMethod = 'shipping_method';
         $addressInformationMock = $this->getMock(\Magento\Checkout\Api\Data\ShippingInformationInterface::class);
 
+        $this->addressValidatorMock->expects($this->exactly(2))
+            ->method('validateForCart');
+
         $this->quoteRepositoryMock->expects($this->once())
             ->method('getActive')
             ->with($cartId)
 
@@ -27,11 +27,11 @@ class Images extends \Magento\Framework\App\Helper\AbstractHelper
     protected $_currentUrl;
 
     /**
-     * Currenty selected store ID if applicable
+     * Currently selected store ID if applicable
      *
      * @var int
      */
-    protected $_storeId = null;
+    protected $_storeId;
 
     /**
      * @var \Magento\Framework\Filesystem\Directory\Write
@@ -71,7 +71,7 @@ public function __construct(
         $this->_storeManager = $storeManager;
 
         $this->_directory = $filesystem->getDirectoryWrite(DirectoryList::MEDIA);
-        $this->_directory->create(\Magento\Cms\Model\Wysiwyg\Config::IMAGE_DIRECTORY);
+        $this->_directory->create($this->getStorageRoot());
     }
 
     /**
@@ -93,7 +93,17 @@ public function setStoreId($store)
      */
     public function getStorageRoot()
     {
-        return $this->_directory->getAbsolutePath(\Magento\Cms\Model\Wysiwyg\Config::IMAGE_DIRECTORY);
+        return $this->_directory->getAbsolutePath($this->getStorageRootSubpath());
+    }
+
+    /**
+     * Get image storage root subpath.  User is unable to traverse outside of this subpath in media gallery
+     *
+     * @return string
+     */
+    public function getStorageRootSubpath()
+    {
+        return '';
     }
 
     /**
@@ -141,7 +151,7 @@ public function convertIdToPath($id)
             return $this->getStorageRoot();
         } else {
             $path = $this->getStorageRoot() . $this->idDecode($id);
-            if (strpos($path, DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR) !== false) {
+            if (preg_match('/\.\.(\\\|\/)/', $path)) {
                 throw new \InvalidArgumentException('Path is invalid');
             }
 
@@ -208,7 +218,7 @@ public function getImageHtmlDeclaration($filename, $renderAsTag = false)
     public function getCurrentPath()
     {
         if (!$this->_currentPath) {
-            $currentPath = $this->_directory->getAbsolutePath() . \Magento\Cms\Model\Wysiwyg\Config::IMAGE_DIRECTORY;
+            $currentPath = $this->getStorageRoot();
             $path = $this->_getRequest()->getParam($this->getTreeNodeName());
             if ($path) {
                 $path = $this->convertIdToPath($path);
@@ -244,7 +254,7 @@ public function getCurrentUrl()
             )->getBaseUrl(
                 \Magento\Framework\UrlInterface::URL_TYPE_MEDIA
             );
-            $this->_currentUrl = $mediaUrl . $this->_directory->getRelativePath($path) . '/';
+            $this->_currentUrl = rtrim($mediaUrl . $this->_directory->getRelativePath($path), '/') . '/';
         }
         return $this->_currentUrl;
     }