libubus: check for non-NULL data before running callbacks

UBUS_MSG_INVOKE and UBUS_MSG_DATA can be sent without UBUS_ATTR_DATA
present. Most ubus users assume that the msg argument passed can never
be NULL, so this change prevents a crash

Signed-off-by: Felix Fietkau <nbd@nbd.name>

diff --git a/libubus-obj.c b/libubus-obj.c
index c1931b314ef24b40f15d06ed6b0c16fcde17155e..2580b2442c4b40ff26f0f7165a966ab9db615b4a 100644 (file)
--- a/libubus-obj.c
+++ b/libubus-obj.c
@@ -74,7 +74,7 @@ ubus_process_invoke(struct ubus_context *ctx, struct ubus_msghdr *hdr,
 
        if (attrbuf[UBUS_ATTR_NO_REPLY])
                no_reply = blob_get_int8(attrbuf[UBUS_ATTR_NO_REPLY]);
-               
+
        req.peer = hdr->peer;
        req.seq = hdr->seq;
        req.object = obj->id;
@@ -94,6 +94,11 @@ ubus_process_invoke(struct ubus_context *ctx, struct ubus_msghdr *hdr,
        goto send;
 
 found:
+       if (!attrbuf[UBUS_ATTR_DATA]) {
+               ret = UBUS_STATUS_INVALID_ARGUMENT;
+               goto send;
+       }
+
        ret = obj->methods[method].handler(ctx, obj, &req,
                                           blob_data(attrbuf[UBUS_ATTR_METHOD]),
                                           attrbuf[UBUS_ATTR_DATA]);

diff --git a/libubus-req.c b/libubus-req.c
index 92f80fa7f75e844909999a0e0cf82ae1663c94d9..4eda383e90e850259fdc86e459d48f46f307d086 100644 (file)
--- a/libubus-req.c
+++ b/libubus-req.c
@@ -32,6 +32,9 @@ static void req_data_cb(struct ubus_request *req, int type, struct blob_attr *da
                return;
 
        attr = ubus_parse_msg(data);
+       if (!attr[UBUS_ATTR_DATA])
+               return;
+
        req->data_cb(req, type, attr[UBUS_ATTR_DATA]);
 }