github
/
mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Dynsec: Validate user/group/role names as UTF-8.

Browse Source
pull/1886/head
Roger A. Light 5 years ago
parent 7462fec1c8
commit 801e31efda
5 changed files with 135 additions and 8 deletions
Show Stats Download Patch File Download Diff File

54
plugins/dynamic-security/clients.c
Unescape Escape View File

@ -341,7 +341,7 @@ int dynsec_clients__config_save(cJSON *tree)
int dynsec_clients__process_create(cJSON *j_responses, struct mosquitto *context, cJSON *command, char *correlation_data) int dynsec_clients__process_create(cJSON *j_responses, struct mosquitto *context, cJSON *command, char *correlation_data)
{ {
char *username, *password, *clientid; char *username, *password, *clientid = NULL;
char *text_name, *text_description; char *text_name, *text_description;
struct dynsec__client *client; struct dynsec__client *client;
int rc; int rc;
@ -352,6 +352,10 @@ int dynsec_clients__process_create(cJSON *j_responses, struct mosquitto *context
dynsec__command_reply(j_responses, context, "createClient", "Invalid/missing username", correlation_data); dynsec__command_reply(j_responses, context, "createClient", "Invalid/missing username", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(username, (int)strlen(username)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "createClient", "Username not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
if(json_get_string(command, "password", &password, true) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "password", &password, true) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "createClient", "Invalid/missing password", correlation_data); dynsec__command_reply(j_responses, context, "createClient", "Invalid/missing password", correlation_data);
@ -362,6 +366,11 @@ int dynsec_clients__process_create(cJSON *j_responses, struct mosquitto *context
dynsec__command_reply(j_responses, context, "createClient", "Invalid/missing client id", correlation_data); dynsec__command_reply(j_responses, context, "createClient", "Invalid/missing client id", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(clientid && mosquitto_validate_utf8(clientid, (int)strlen(clientid)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "createClient", "Client ID not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
if(json_get_string(command, "textname", &text_name, true) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "textname", &text_name, true) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "createClient", "Invalid/missing textname", correlation_data); dynsec__command_reply(j_responses, context, "createClient", "Invalid/missing textname", correlation_data);
@ -494,6 +503,10 @@ int dynsec_clients__process_disable(cJSON *j_responses, struct mosquitto *contex
dynsec__command_reply(j_responses, context, "disableClient", "Invalid/missing username", correlation_data); dynsec__command_reply(j_responses, context, "disableClient", "Invalid/missing username", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(username, (int)strlen(username)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "disableClient", "Username not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
client = dynsec_clients__find(username); client = dynsec_clients__find(username);
if(client == NULL){ if(client == NULL){
@ -520,6 +533,10 @@ int dynsec_clients__process_enable(cJSON *j_responses, struct mosquitto *context
dynsec__command_reply(j_responses, context, "enableClient", "Invalid/missing username", correlation_data); dynsec__command_reply(j_responses, context, "enableClient", "Invalid/missing username", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(username, (int)strlen(username)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "enableClient", "Username not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
client = dynsec_clients__find(username); client = dynsec_clients__find(username);
if(client == NULL){ if(client == NULL){
@ -544,6 +561,10 @@ int dynsec_clients__process_set_password(cJSON *j_responses, struct mosquitto *c
dynsec__command_reply(j_responses, context, "setClientPassword", "Invalid/missing username", correlation_data); dynsec__command_reply(j_responses, context, "setClientPassword", "Invalid/missing username", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(username, (int)strlen(username)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "setClientPassword", "Username not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
if(json_get_string(command, "password", &password, false) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "password", &password, false) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "setClientPassword", "Invalid/missing password", correlation_data); dynsec__command_reply(j_responses, context, "setClientPassword", "Invalid/missing password", correlation_data);
@ -603,6 +624,10 @@ int dynsec_clients__process_modify(cJSON *j_responses, struct mosquitto *context
dynsec__command_reply(j_responses, context, "modifyClient", "Invalid/missing username", correlation_data); dynsec__command_reply(j_responses, context, "modifyClient", "Invalid/missing username", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(username, (int)strlen(username)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "modifyClient", "Username not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
client = dynsec_clients__find(username); client = dynsec_clients__find(username);
if(client == NULL){ if(client == NULL){
@ -742,6 +767,10 @@ int dynsec_clients__process_get(cJSON *j_responses, struct mosquitto *context, c
dynsec__command_reply(j_responses, context, "getClient", "Invalid/missing username", correlation_data); dynsec__command_reply(j_responses, context, "getClient", "Invalid/missing username", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(username, (int)strlen(username)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "getClient", "Username not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
client = dynsec_clients__find(username); client = dynsec_clients__find(username);
if(client == NULL){ if(client == NULL){
@ -876,7 +905,7 @@ int dynsec_clients__process_list(cJSON *j_responses, struct mosquitto *context,
int dynsec_clients__process_add_role(cJSON *j_responses, struct mosquitto *context, cJSON *command, char *correlation_data) int dynsec_clients__process_add_role(cJSON *j_responses, struct mosquitto *context, cJSON *command, char *correlation_data)
{ {
char *username, *role_name; char *username, *rolename;
struct dynsec__client *client; struct dynsec__client *client;
struct dynsec__role *role; struct dynsec__role *role;
int priority; int priority;
@ -885,11 +914,19 @@ int dynsec_clients__process_add_role(cJSON *j_responses, struct mosquitto *conte
dynsec__command_reply(j_responses, context, "addClientRole", "Invalid/missing username", correlation_data); dynsec__command_reply(j_responses, context, "addClientRole", "Invalid/missing username", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(username, (int)strlen(username)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "addClientRole", "Username not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
if(json_get_string(command, "rolename", &role_name, false) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "rolename", &rolename, false) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "addClientRole", "Invalid/missing rolename", correlation_data); dynsec__command_reply(j_responses, context, "addClientRole", "Invalid/missing rolename", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(rolename, (int)strlen(rolename)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "addClientRole", "Role name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
json_get_int(command, "priority", &priority, true, -1); json_get_int(command, "priority", &priority, true, -1);
client = dynsec_clients__find(username); client = dynsec_clients__find(username);
@ -898,7 +935,7 @@ int dynsec_clients__process_add_role(cJSON *j_responses, struct mosquitto *conte
return MOSQ_ERR_SUCCESS; return MOSQ_ERR_SUCCESS;
} }
role = dynsec_roles__find(role_name); role = dynsec_roles__find(rolename);
if(role == NULL){ if(role == NULL){
dynsec__command_reply(j_responses, context, "addClientRole", "Role not found", correlation_data); dynsec__command_reply(j_responses, context, "addClientRole", "Role not found", correlation_data);
return MOSQ_ERR_SUCCESS; return MOSQ_ERR_SUCCESS;
@ -925,11 +962,20 @@ int dynsec_clients__process_remove_role(cJSON *j_responses, struct mosquitto *co
dynsec__command_reply(j_responses, context, "removeClientRole", "Invalid/missing username", correlation_data); dynsec__command_reply(j_responses, context, "removeClientRole", "Invalid/missing username", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(username, (int)strlen(username)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "removeClientRole", "Username not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
if(json_get_string(command, "rolename", &rolename, false) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "rolename", &rolename, false) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "removeGroupRole", "Invalid/missing rolename", correlation_data); dynsec__command_reply(j_responses, context, "removeGroupRole", "Invalid/missing rolename", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(rolename, (int)strlen(rolename)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "removeClientRole", "Role name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
client = dynsec_clients__find(username); client = dynsec_clients__find(username);
if(client == NULL){ if(client == NULL){

59
plugins/dynamic-security/groups.c
Unescape Escape View File

@ -166,7 +166,7 @@ struct dynsec__group *dynsec_groups__find(const char *groupname)
int dynsec_groups__process_add_role(cJSON *j_responses, struct mosquitto *context, cJSON *command, char *correlation_data) int dynsec_groups__process_add_role(cJSON *j_responses, struct mosquitto *context, cJSON *command, char *correlation_data)
{ {
char *groupname, *role_name; char *groupname, *rolename;
struct dynsec__group *group; struct dynsec__group *group;
struct dynsec__role *role; struct dynsec__role *role;
int priority; int priority;
@ -175,11 +175,19 @@ int dynsec_groups__process_add_role(cJSON *j_responses, struct mosquitto *contex
dynsec__command_reply(j_responses, context, "addGroupRole", "Invalid/missing groupname", correlation_data); dynsec__command_reply(j_responses, context, "addGroupRole", "Invalid/missing groupname", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(groupname, (int)strlen(groupname)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "addGroupRole", "Group name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
if(json_get_string(command, "roleName", &role_name, false) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "roleName", &rolename, false) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "addGroupRole", "Invalid/missing roleName", correlation_data); dynsec__command_reply(j_responses, context, "addGroupRole", "Invalid/missing roleName", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(rolename, (int)strlen(rolename)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "addGroupRole", "Role name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
json_get_int(command, "priority", &priority, true, -1); json_get_int(command, "priority", &priority, true, -1);
group = dynsec_groups__find(groupname); group = dynsec_groups__find(groupname);
@ -188,7 +196,7 @@ int dynsec_groups__process_add_role(cJSON *j_responses, struct mosquitto *contex
return MOSQ_ERR_SUCCESS; return MOSQ_ERR_SUCCESS;
} }
role = dynsec_roles__find(role_name); role = dynsec_roles__find(rolename);
if(role == NULL){ if(role == NULL){
dynsec__command_reply(j_responses, context, "addGroupRole", "Role not found", correlation_data); dynsec__command_reply(j_responses, context, "addGroupRole", "Role not found", correlation_data);
return MOSQ_ERR_SUCCESS; return MOSQ_ERR_SUCCESS;
@ -404,6 +412,10 @@ int dynsec_groups__process_create(cJSON *j_responses, struct mosquitto *context,
dynsec__command_reply(j_responses, context, "createGroup", "Invalid/missing groupname", correlation_data); dynsec__command_reply(j_responses, context, "createGroup", "Invalid/missing groupname", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(groupname, (int)strlen(groupname)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "createGroup", "Group name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
if(json_get_string(command, "textname", &text_name, true) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "textname", &text_name, true) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "createGroup", "Invalid/missing textname", correlation_data); dynsec__command_reply(j_responses, context, "createGroup", "Invalid/missing textname", correlation_data);
@ -478,6 +490,10 @@ int dynsec_groups__process_delete(cJSON *j_responses, struct mosquitto *context,
dynsec__command_reply(j_responses, context, "deleteGroup", "Invalid/missing groupname", correlation_data); dynsec__command_reply(j_responses, context, "deleteGroup", "Invalid/missing groupname", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(groupname, (int)strlen(groupname)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "deleteGroup", "Group name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
group = dynsec_groups__find(groupname); group = dynsec_groups__find(groupname);
if(group){ if(group){
@ -558,11 +574,20 @@ int dynsec_groups__process_add_client(cJSON *j_responses, struct mosquitto *cont
dynsec__command_reply(j_responses, context, "addGroupClient", "Invalid/missing username", correlation_data); dynsec__command_reply(j_responses, context, "addGroupClient", "Invalid/missing username", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(username, (int)strlen(username)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "addGroupClient", "Username not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
if(json_get_string(command, "groupname", &groupname, false) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "groupname", &groupname, false) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "addGroupClient", "Invalid/missing groupname", correlation_data); dynsec__command_reply(j_responses, context, "addGroupClient", "Invalid/missing groupname", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(groupname, (int)strlen(groupname)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "addGroupClient", "Group name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
json_get_int(command, "priority", &priority, true, -1); json_get_int(command, "priority", &priority, true, -1);
rc = dynsec_groups__add_client(username, groupname, priority, true); rc = dynsec_groups__add_client(username, groupname, priority, true);
@ -653,11 +678,19 @@ int dynsec_groups__process_remove_client(cJSON *j_responses, struct mosquitto *c
dynsec__command_reply(j_responses, context, "removeGroupClient", "Invalid/missing username", correlation_data); dynsec__command_reply(j_responses, context, "removeGroupClient", "Invalid/missing username", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(username, (int)strlen(username)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "removeGroupClient", "Username not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
if(json_get_string(command, "groupname", &groupname, false) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "groupname", &groupname, false) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "removeGroupClient", "Invalid/missing groupname", correlation_data); dynsec__command_reply(j_responses, context, "removeGroupClient", "Invalid/missing groupname", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(groupname, (int)strlen(groupname)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "removeGroupClient", "Group name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
rc = dynsec_groups__remove_client(username, groupname, true); rc = dynsec_groups__remove_client(username, groupname, true);
if(rc == MOSQ_ERR_SUCCESS){ if(rc == MOSQ_ERR_SUCCESS){
@ -825,6 +858,10 @@ int dynsec_groups__process_get(cJSON *j_responses, struct mosquitto *context, cJ
dynsec__command_reply(j_responses, context, "getGroup", "Invalid/missing groupname", correlation_data); dynsec__command_reply(j_responses, context, "getGroup", "Invalid/missing groupname", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(groupname, (int)strlen(groupname)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "getGroup", "Group name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
tree = cJSON_CreateObject(); tree = cJSON_CreateObject();
if(tree == NULL){ if(tree == NULL){
@ -884,11 +921,19 @@ int dynsec_groups__process_remove_role(cJSON *j_responses, struct mosquitto *con
dynsec__command_reply(j_responses, context, "removeGroupRole", "Invalid/missing groupname", correlation_data); dynsec__command_reply(j_responses, context, "removeGroupRole", "Invalid/missing groupname", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(groupname, (int)strlen(groupname)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "removeGroupRole", "Group name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
if(json_get_string(command, "roleName", &rolename, false) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "roleName", &rolename, false) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "removeGroupRole", "Invalid/missing roleName", correlation_data); dynsec__command_reply(j_responses, context, "removeGroupRole", "Invalid/missing roleName", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(rolename, (int)strlen(rolename)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "removeGroupRole", "Role name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
group = dynsec_groups__find(groupname); group = dynsec_groups__find(groupname);
if(group == NULL){ if(group == NULL){
@ -930,6 +975,10 @@ int dynsec_groups__process_modify(cJSON *j_responses, struct mosquitto *context,
dynsec__command_reply(j_responses, context, "modifyGroup", "Invalid/missing groupname", correlation_data); dynsec__command_reply(j_responses, context, "modifyGroup", "Invalid/missing groupname", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(groupname, (int)strlen(groupname)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "modifyGroup", "Group name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
group = dynsec_groups__find(groupname); group = dynsec_groups__find(groupname);
if(group == NULL){ if(group == NULL){
@ -1010,6 +1059,10 @@ int dynsec_groups__process_set_anonymous_group(cJSON *j_responses, struct mosqui
dynsec__command_reply(j_responses, context, "setAnonymousGroup", "Invalid/missing groupname", correlation_data); dynsec__command_reply(j_responses, context, "setAnonymousGroup", "Invalid/missing groupname", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(groupname, (int)strlen(groupname)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "setAnonymousGroup", "Group name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
group = dynsec_groups__find(groupname); group = dynsec_groups__find(groupname);
if(group == NULL){ if(group == NULL){

28
plugins/dynamic-security/roles.c
Unescape Escape View File

@ -575,6 +575,10 @@ int dynsec_roles__process_create(cJSON *j_responses, struct mosquitto *context,
dynsec__command_reply(j_responses, context, "createRole", "Invalid/missing rolename", correlation_data); dynsec__command_reply(j_responses, context, "createRole", "Invalid/missing rolename", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(rolename, (int)strlen(rolename)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "createRole", "Role name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
if(json_get_string(command, "textname", &text_name, true) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "textname", &text_name, true) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "createRole", "Invalid/missing textname", correlation_data); dynsec__command_reply(j_responses, context, "createRole", "Invalid/missing textname", correlation_data);
@ -686,6 +690,10 @@ int dynsec_roles__process_delete(cJSON *j_responses, struct mosquitto *context,
dynsec__command_reply(j_responses, context, "deleteRole", "Invalid/missing rolename", correlation_data); dynsec__command_reply(j_responses, context, "deleteRole", "Invalid/missing rolename", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(rolename, (int)strlen(rolename)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "deleteRole", "Role name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
role = dynsec_roles__find(rolename); role = dynsec_roles__find(rolename);
if(role){ if(role){
@ -825,6 +833,11 @@ int dynsec_roles__process_add_acl(cJSON *j_responses, struct mosquitto *context,
dynsec__command_reply(j_responses, context, "addRoleACL", "Invalid/missing rolename", correlation_data); dynsec__command_reply(j_responses, context, "addRoleACL", "Invalid/missing rolename", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(rolename, (int)strlen(rolename)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "addRoleACL", "Role name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
role = dynsec_roles__find(rolename); role = dynsec_roles__find(rolename);
if(role == NULL){ if(role == NULL){
dynsec__command_reply(j_responses, context, "addRoleACL", "Role not found", correlation_data); dynsec__command_reply(j_responses, context, "addRoleACL", "Role not found", correlation_data);
@ -910,9 +923,14 @@ int dynsec_roles__process_remove_acl(cJSON *j_responses, struct mosquitto *conte
int rc; int rc;
if(json_get_string(command, "rolename", &rolename, false) != MOSQ_ERR_SUCCESS){ if(json_get_string(command, "rolename", &rolename, false) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "createRole", "Invalid/missing rolename", correlation_data); dynsec__command_reply(j_responses, context, "removeRoleACL", "Invalid/missing rolename", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(rolename, (int)strlen(rolename)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "removeRoleACL", "Role name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
role = dynsec_roles__find(rolename); role = dynsec_roles__find(rolename);
if(role == NULL){ if(role == NULL){
dynsec__command_reply(j_responses, context, "removeRoleACL", "Role not found", correlation_data); dynsec__command_reply(j_responses, context, "removeRoleACL", "Role not found", correlation_data);
@ -979,6 +997,10 @@ int dynsec_roles__process_get(cJSON *j_responses, struct mosquitto *context, cJS
dynsec__command_reply(j_responses, context, "getRole", "Invalid/missing rolename", correlation_data); dynsec__command_reply(j_responses, context, "getRole", "Invalid/missing rolename", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(rolename, (int)strlen(rolename)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "getRole", "Role name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
role = dynsec_roles__find(rolename); role = dynsec_roles__find(rolename);
if(role == NULL){ if(role == NULL){
@ -1047,6 +1069,10 @@ int dynsec_roles__process_modify(cJSON *j_responses, struct mosquitto *context,
dynsec__command_reply(j_responses, context, "modifyRole", "Invalid/missing rolename", correlation_data); dynsec__command_reply(j_responses, context, "modifyRole", "Invalid/missing rolename", correlation_data);
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
} }
if(mosquitto_validate_utf8(rolename, (int)strlen(rolename)) != MOSQ_ERR_SUCCESS){
dynsec__command_reply(j_responses, context, "modifyRole", "Role name not valid UTF-8", correlation_data);
return MOSQ_ERR_INVAL;
}
role = dynsec_roles__find(rolename); role = dynsec_roles__find(rolename);
if(role == NULL){ if(role == NULL){

1
src/linker-macosx.syms
Unescape Escape View File

@ -33,3 +33,4 @@ _mosquitto_set_username
_mosquitto_strdup _mosquitto_strdup
_mosquitto_sub_topic_check _mosquitto_sub_topic_check
_mosquitto_topic_matches_sub _mosquitto_topic_matches_sub
_mosquitto_validate_utf8

1
src/linker.syms
Unescape Escape View File

@ -34,4 +34,5 @@
mosquitto_strdup; mosquitto_strdup;
mosquitto_sub_topic_check; mosquitto_sub_topic_check;
mosquitto_topic_matches_sub; mosquitto_topic_matches_sub;
mosquitto_validate_utf8;
}; };

Write Preview
Loading…
Cancel
Save