diff options
author | Richard Hughes <richard@hughsie.com> | 2016-08-17 20:25:12 +0100 |
---|---|---|
committer | Richard Hughes <richard@hughsie.com> | 2016-08-17 20:30:25 +0100 |
commit | 2ec31bac7bd77e7b39c502276f4acec21ed9d576 (patch) | |
tree | 9a0b21c53e41e6dbe755e40c280ee9c7444ddf41 /libappstream-glib/as-yaml.c | |
parent | e35d8320711a2e9f0de5f042d95527823a814191 (diff) | |
download | appstream-glib-2ec31bac7bd77e7b39c502276f4acec21ed9d576.tar.gz |
Sanity check YAML files before parsing
It seems as_node_yaml_process_layer() just spins if you pass it data with an
invalid header. If we can't trust libyaml, try to check the first line and
return an error if it doesn't match what we expect.
Works around https://bugs.launchpad.net/ubuntu/+source/fwupd/+bug/1591868
although the real bugs lie both in libyaml for spinning forever on invalid
input, *and* whatever project wrote that invalid DEP-11 file.
Diffstat (limited to 'libappstream-glib/as-yaml.c')
-rw-r--r-- | libappstream-glib/as-yaml.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/libappstream-glib/as-yaml.c b/libappstream-glib/as-yaml.c index b1b486d..e0c9c3f 100644 --- a/libappstream-glib/as-yaml.c +++ b/libappstream-glib/as-yaml.c @@ -272,6 +272,21 @@ as_yaml_from_data (const gchar *data, gssize data_len, GError **error) AsNode *node = NULL; #if AS_BUILD_DEP11 yaml_parser_t parser; + g_autofree gchar *prefix = NULL; + + /* sanity check */ + prefix = g_strndup (data, 64); + g_strdelimit (prefix, "\n", '\0'); + if (!g_str_has_prefix (prefix, "---") && + !g_str_has_prefix (prefix, "#") && + !g_str_has_prefix (prefix, "File: ")) { + g_set_error (error, + AS_NODE_ERROR, + AS_NODE_ERROR_INVALID_MARKUP, + "YAML prefix invalid: %s expected '---' or '#'", + prefix); + return NULL; + } /* parse */ yaml_parser_initialize (&parser); |