.type = BLOBMSG_TYPE_STRING },
};
+/*
+ * Validate a uci name
+ */
+static bool
+rpc_uci_verify_str(const char *name, bool extended, bool type)
+{
+ const char *c;
+ char *e;
+
+ if (!name || !*name)
+ return false;
+
+ if (extended && *name != '@')
+ extended = false;
+
+ for (c = name + extended; *c; c++)
+ if (!isalnum(*c) && *c != '_' && ((!type && !extended) || *c != '-'))
+ break;
+
+ if (extended) {
+ if (*c != '[')
+ return false;
+
+ strtol(++c, &e, 10);
+
+ return (e > c && *e == ']' && *(e+1) == 0);
+ }
+
+ return (*c == 0);
+}
+
+/*
+ * Check that string is a valid, shell compatible uci name
+ */
+static bool rpc_uci_verify_name(const char *name) {
+ return rpc_uci_verify_str(name, false, false);
+}
+
+/*
+ * Check that string is a valid section type name
+ */
+static bool rpc_uci_verify_type(const char *type) {
+ return rpc_uci_verify_str(type, false, true);
+}
+
+/*
+ * Check that the string is a valid section id, optionally in extended
+ * lookup notation
+ */
+static bool rpc_uci_verify_section(const char *section) {
+ return rpc_uci_verify_str(section, true, false);
+}
+
+
/*
* Turn uci error state into ubus return code
*/
{
struct uci_element *e, *tmp;
- uci_foreach_element_safe(&cursor->delta_path, tmp, e)
+ uci_foreach_element_safe(&cursor->delta_path, tmp, e) {
+ if (e->name)
+ free(e->name);
+
free(e);
+ }
cursor->delta_path.prev = &cursor->delta_path;
cursor->delta_path.next = &cursor->delta_path;
struct uci_package *p = NULL;
struct uci_section *s;
struct uci_ptr ptr = { 0 };
- int rem, rem2;
+ int rem, rem2, err = 0;
blobmsg_parse(rpc_uci_add_policy, __RPC_A_MAX, tb,
blob_data(msg), blob_len(msg));
if (!rpc_uci_write_access(tb[RPC_A_SESSION], tb[RPC_A_CONFIG]))
return UBUS_STATUS_PERMISSION_DENIED;
+ if (!rpc_uci_verify_type(blobmsg_data(tb[RPC_A_TYPE])))
+ return UBUS_STATUS_INVALID_ARGUMENT;
+
+ if (tb[RPC_A_NAME] &&
+ !rpc_uci_verify_name(blobmsg_data(tb[RPC_A_NAME])))
+ return UBUS_STATUS_INVALID_ARGUMENT;
+
ptr.package = blobmsg_data(tb[RPC_A_CONFIG]);
if (uci_load(cursor, ptr.package, &p))
{
blobmsg_for_each_attr(cur, tb[RPC_A_VALUES], rem)
{
+ ptr.flags = 0;
ptr.o = NULL;
ptr.option = blobmsg_name(cur);
+ if (!rpc_uci_verify_name(ptr.option))
+ {
+ if (!err)
+ err = UBUS_STATUS_INVALID_ARGUMENT;
+
+ continue;
+ }
+
if (rpc_uci_lookup(&ptr) || !ptr.s)
+ {
+ if (!err)
+ err = UBUS_STATUS_NOT_FOUND;
+
continue;
+ }
switch (blobmsg_type(cur))
{
case BLOBMSG_TYPE_ARRAY:
blobmsg_for_each_attr(elem, cur, rem2)
- if (rpc_uci_format_blob(elem, &ptr.value))
- uci_add_list(cursor, &ptr);
+ {
+ if (!rpc_uci_format_blob(elem, &ptr.value))
+ {
+ if (!err)
+ err = UBUS_STATUS_INVALID_ARGUMENT;
+
+ continue;
+ }
+
+ uci_add_list(cursor, &ptr);
+ }
+
break;
default:
- if (rpc_uci_format_blob(cur, &ptr.value))
+ if (!rpc_uci_format_blob(cur, &ptr.value))
+ {
+ if (!err)
+ err = UBUS_STATUS_INVALID_ARGUMENT;
+ }
+ else
+ {
uci_set(cursor, &ptr);
+ }
+
break;
}
}
}
- uci_save(cursor, p);
+ if (!err)
+ {
+ uci_save(cursor, p);
- blob_buf_init(&buf, 0);
- blobmsg_add_string(&buf, "section", ptr.section);
- ubus_send_reply(ctx, req, buf.head);
+ blob_buf_init(&buf, 0);
+ blobmsg_add_string(&buf, "section", ptr.section);
+ ubus_send_reply(ctx, req, buf.head);
+ }
out:
uci_unload(cursor, p);
- return rpc_uci_status();
+ return err ? err : rpc_uci_status();
}
/*
* 3) in all other cases only emit a set operation if there is no existing
* option of if the existing options value differs from the blob value
*/
-static void
+static int
rpc_uci_merge_set(struct blob_attr *opt, struct uci_ptr *ptr)
{
struct blob_attr *cur;
- int rem;
+ int rem, rv;
+ ptr->flags = 0;
ptr->o = NULL;
ptr->option = blobmsg_name(opt);
ptr->value = NULL;
+ if (!rpc_uci_verify_name(ptr->option))
+ return UBUS_STATUS_INVALID_ARGUMENT;
+
if (rpc_uci_lookup(ptr) || !ptr->s)
- return;
+ return UBUS_STATUS_NOT_FOUND;
if (blobmsg_type(opt) == BLOBMSG_TYPE_ARRAY)
{
if (ptr->o)
uci_delete(cursor, ptr);
+ rv = UBUS_STATUS_INVALID_ARGUMENT;
+
blobmsg_for_each_attr(cur, opt, rem)
- if (rpc_uci_format_blob(cur, &ptr->value))
- uci_add_list(cursor, ptr);
+ {
+ if (!rpc_uci_format_blob(cur, &ptr->value))
+ continue;
+
+ uci_add_list(cursor, ptr);
+ rv = 0;
+ }
+
+ return rv;
}
else if (ptr->o && ptr->o->type == UCI_TYPE_LIST)
{
uci_delete(cursor, ptr);
- if (rpc_uci_format_blob(opt, &ptr->value))
- uci_set(cursor, ptr);
+ if (!rpc_uci_format_blob(opt, &ptr->value))
+ return UBUS_STATUS_INVALID_ARGUMENT;
+
+ uci_set(cursor, ptr);
}
- else if (rpc_uci_format_blob(opt, &ptr->value))
+ else
{
+ if (!rpc_uci_format_blob(opt, &ptr->value))
+ return UBUS_STATUS_INVALID_ARGUMENT;
+
if (!ptr->o || !ptr->o->v.string || strcmp(ptr->o->v.string, ptr->value))
uci_set(cursor, ptr);
}
+
+ return 0;
}
static int
struct uci_package *p = NULL;
struct uci_element *e;
struct uci_ptr ptr = { 0 };
- int rem;
+ int rem, rv, err = 0;
blobmsg_parse(rpc_uci_set_policy, __RPC_S_MAX, tb,
blob_data(msg), blob_len(msg));
if (!rpc_uci_write_access(tb[RPC_S_SESSION], tb[RPC_S_CONFIG]))
return UBUS_STATUS_PERMISSION_DENIED;
+ if (tb[RPC_S_SECTION] &&
+ !rpc_uci_verify_section(blobmsg_data(tb[RPC_S_SECTION])))
+ return UBUS_STATUS_INVALID_ARGUMENT;
+
ptr.package = blobmsg_data(tb[RPC_S_CONFIG]);
if (uci_load(cursor, ptr.package, &p))
{
ptr.section = blobmsg_data(tb[RPC_S_SECTION]);
blobmsg_for_each_attr(cur, tb[RPC_S_VALUES], rem)
- rpc_uci_merge_set(cur, &ptr);
+ {
+ rv = rpc_uci_merge_set(cur, &ptr);
+
+ if (rv)
+ err = rv;
+ }
}
else
{
ptr.section = e->name;
blobmsg_for_each_attr(cur, tb[RPC_S_VALUES], rem)
- rpc_uci_merge_set(cur, &ptr);
+ {
+ rv = rpc_uci_merge_set(cur, &ptr);
+
+ if (rv)
+ err = rv;
+ }
}
}
- uci_save(cursor, p);
+ if (!err && !ptr.s)
+ err = UBUS_STATUS_NOT_FOUND;
+
+ if (!err)
+ uci_save(cursor, p);
+
uci_unload(cursor, p);
- return rpc_uci_status();
+ return err ? err : rpc_uci_status();
}
/*
* 2) if the blob is of type string, delete the option named after its value
* 3) if the blob is NULL, delete entire section
*/
-static void
+static int
rpc_uci_merge_delete(struct blob_attr *opt, struct uci_ptr *ptr)
{
struct blob_attr *cur;
- int rem;
+ int rem, rv;
if (rpc_uci_lookup(ptr) || !ptr->s)
- return;
+ return UBUS_STATUS_NOT_FOUND;
if (!opt)
{
ptr->option = NULL;
uci_delete(cursor, ptr);
+ return 0;
}
else if (blobmsg_type(opt) == BLOBMSG_TYPE_ARRAY)
{
+ rv = UBUS_STATUS_NOT_FOUND;
+
blobmsg_for_each_attr(cur, opt, rem)
{
if (blobmsg_type(cur) != BLOBMSG_TYPE_STRING)
continue;
uci_delete(cursor, ptr);
+ rv = 0;
}
+
+ return rv;
}
else if (blobmsg_type(opt) == BLOBMSG_TYPE_STRING)
{
ptr->option = blobmsg_data(opt);
if (rpc_uci_lookup(ptr) || !ptr->o)
- return;
+ return UBUS_STATUS_NOT_FOUND;
uci_delete(cursor, ptr);
+ return 0;
}
+
+ return UBUS_STATUS_INVALID_ARGUMENT;
}
static int
struct uci_package *p = NULL;
struct uci_element *e, *tmp;
struct uci_ptr ptr = { 0 };
+ int err = 0;
blobmsg_parse(rpc_uci_delete_policy, __RPC_D_MAX, tb,
blob_data(msg), blob_len(msg));
if (!rpc_uci_write_access(tb[RPC_D_SESSION], tb[RPC_D_CONFIG]))
return UBUS_STATUS_PERMISSION_DENIED;
+ if (tb[RPC_D_TYPE] &&
+ !rpc_uci_verify_type(blobmsg_data(tb[RPC_D_TYPE])))
+ return UBUS_STATUS_INVALID_ARGUMENT;
+
+ if (tb[RPC_D_SECTION] &&
+ !rpc_uci_verify_section(blobmsg_data(tb[RPC_D_SECTION])))
+ return UBUS_STATUS_INVALID_ARGUMENT;
+
ptr.package = blobmsg_data(tb[RPC_D_CONFIG]);
if (uci_load(cursor, ptr.package, &p))
ptr.section = blobmsg_data(tb[RPC_D_SECTION]);
if (tb[RPC_D_OPTIONS])
- rpc_uci_merge_delete(tb[RPC_D_OPTIONS], &ptr);
+ err = rpc_uci_merge_delete(tb[RPC_D_OPTIONS], &ptr);
else
- rpc_uci_merge_delete(tb[RPC_D_OPTION], &ptr);
+ err = rpc_uci_merge_delete(tb[RPC_D_OPTION], &ptr);
}
else
{
ptr.section = e->name;
if (tb[RPC_D_OPTIONS])
- rpc_uci_merge_delete(tb[RPC_D_OPTIONS], &ptr);
+ err = rpc_uci_merge_delete(tb[RPC_D_OPTIONS], &ptr);
else
- rpc_uci_merge_delete(tb[RPC_D_OPTION], &ptr);
+ err = rpc_uci_merge_delete(tb[RPC_D_OPTION], &ptr);
}
+
+ if (!err && !ptr.section)
+ err = UBUS_STATUS_NOT_FOUND;
}
- uci_save(cursor, p);
+ if (!err)
+ uci_save(cursor, p);
+
uci_unload(cursor, p);
- return rpc_uci_status();
+ return err ? err : rpc_uci_status();
}
static int
ptr.section = blobmsg_data(tb[RPC_R_SECTION]);
ptr.value = blobmsg_data(tb[RPC_R_NAME]);
+ if (!rpc_uci_verify_name(ptr.value))
+ return UBUS_STATUS_INVALID_ARGUMENT;
+
if (tb[RPC_R_OPTION])
ptr.option = blobmsg_data(tb[RPC_R_OPTION]);
struct blob_attr *cur;
struct uci_package *p = NULL;
struct uci_ptr ptr = { 0 };
- int rem, i = 1;
+ int rem, i = 0, err = 0;
blobmsg_parse(rpc_uci_order_policy, __RPC_O_MAX, tb,
blob_data(msg), blob_len(msg));
blobmsg_for_each_attr(cur, tb[RPC_O_SECTIONS], rem)
{
if (blobmsg_type(cur) != BLOBMSG_TYPE_STRING)
+ {
+ if (!err)
+ err = UBUS_STATUS_INVALID_ARGUMENT;
+
continue;
+ }
ptr.s = NULL;
ptr.section = blobmsg_data(cur);
if (uci_lookup_ptr(cursor, &ptr, NULL, true) || !ptr.s)
+ {
+ if (!err)
+ err = UBUS_STATUS_NOT_FOUND;
+
continue;
+ }
uci_reorder_section(cursor, ptr.s, i++);
}
- uci_save(cursor, p);
+ if (!err)
+ uci_save(cursor, p);
+
uci_unload(cursor, p);
- return rpc_uci_status();
+ return err ? err : rpc_uci_status();
}
static void
uci_unload(cursor, p);
}
+ free(configs);
+
blobmsg_close_table(&buf, c);
ubus_send_reply(ctx, req, buf.head);
for (i = 0; configs[i]; i++)
blobmsg_add_string(&buf, NULL, configs[i]);
+ free(configs);
+
blobmsg_close_array(&buf, c);
ubus_send_reply(ctx, req, buf.head);
return;
rpc_uci_do_rollback(apply_ctx, &gl);
+
+ globfree(&gl);
}
static int
projects / oweals / rpcd.git / blobdiff