improve validation, accept more characters in the section type

diff --git a/file.c b/file.c
index 85959729fe1e2370213b967854a180363901e4f6..c0141acd17964863f47e5c8b2447a49b89895802 100644 (file)
--- a/file.c
+++ b/file.c
@@ -342,7 +342,9 @@ static void uci_parse_config(struct uci_context *ctx, char **str)
        /* command string null-terminated by strtok */
        *str += strlen(*str) + 1;
 
-       type = next_arg(ctx, str, true, true);
+       type = next_arg(ctx, str, true, false);
+       if (!uci_validate_str(type, false))
+               uci_parse_error(ctx, type, "invalid character in field");
        name = next_arg(ctx, str, false, true);
        assert_eol(ctx, str);
 

diff --git a/history.c b/history.c
index 202d787614f8d82397301b874a8a23e721e55c3a..7ac8050291cfee8699e768dea6a55e3ce4e905a6 100644 (file)
--- a/history.c
+++ b/history.c
@@ -82,7 +82,7 @@ static void uci_parse_history_line(struct uci_context *ctx, struct uci_package *
                goto error;
        if (option && !uci_validate_name(option))
                goto error;
-       if ((rename || (!option && !delete)) && !uci_validate_name(value))
+       if (rename && !uci_validate_str(value, (option || delete)))
                goto error;
 
        if (rename)

diff --git a/list.c b/list.c
index a0d50d1d3c08224ace9d370a6c5f648d324c2da6..24382c8464d090746d416fa45e5caef5b213b8b8 100644 (file)
--- a/list.c
+++ b/list.c
@@ -339,7 +339,7 @@ int uci_set_element_value(struct uci_context *ctx, struct uci_element **element,
        list = e->list.prev;
        switch(e->type) {
        case UCI_TYPE_SECTION:
-               UCI_ASSERT(ctx, uci_validate_name(value));
+               UCI_ASSERT(ctx, uci_validate_str(value, false));
                size = sizeof(struct uci_section);
                s = uci_to_section(e);
                section = e->name;
@@ -433,7 +433,7 @@ int uci_set(struct uci_context *ctx, struct uci_package *p, char *section, char
                UCI_ASSERT(ctx, uci_validate_name(option));
                UCI_ASSERT(ctx, value != NULL);
        } else {
-               UCI_ASSERT(ctx, uci_validate_name(value));
+               UCI_ASSERT(ctx, uci_validate_str(value, false));
        }
 
        /*

diff --git a/util.c b/util.c
index bcf65aa106e82cb6c41c9b9850027a9185f97383..78b22cffae25849ebed5715b4f243d602374ffed 100644 (file)
--- a/util.c
+++ b/util.c
@@ -59,19 +59,32 @@ static char *uci_strdup(struct uci_context *ctx, const char *str)
        return ptr;
 }
 
-static bool uci_validate_name(const char *str)
+/*
+ * validate strings for names and types, reject special characters
+ * for names, only alphanum and _ is allowed (shell compatibility)
+ * for types, we allow more characters
+ */
+static bool uci_validate_str(const char *str, bool name)
 {
        if (!*str)
                return false;
 
        while (*str) {
-               if (!isalnum(*str) && (*str != '_'))
-                       return false;
+               char c = *str;
+               if (!isalnum(c) && c != '_') {
+                       if (name || (c < 33) || (c > 126))
+                               return false;
+               }
                str++;
        }
        return true;
 }
 
+static inline bool uci_validate_name(const char *str)
+{
+       return uci_validate_str(str, true);
+}
+
 static void uci_alloc_parse_context(struct uci_context *ctx)
 {
        ctx->pctx = (struct uci_parse_context *) uci_malloc(ctx, sizeof(struct uci_parse_context));