diff options
| author | Inga Stotland <inga.stotland@intel.com> | 2021-02-12 13:42:42 -0800 |
|---|---|---|
| committer | Brian Gix <brian.gix@intel.com> | 2021-02-16 11:51:00 -0800 |
| commit | bc65e8840dcf2c3c42f5cefed7cc1ea9e0ff3669 (patch) | |
| tree | e81ac8cdffff087513958bbe342c91a576cafc91 | |
| parent | 400e738bf07b5950460e3246af343a1737918481 (diff) | |
| download | bluez-bc65e8840dcf2c3c42f5cefed7cc1ea9e0ff3669.tar.gz | |
mesh: Add validation of Device UUID value
Validate that the value of Device UUID supplied in
CreateNetwork/Join/Import methods is compliant with RFC 4122.
| -rw-r--r-- | Makefile.am | 6 | ||||
| -rw-r--r-- | mesh/mesh.c | 18 |
2 files changed, 13 insertions, 11 deletions
diff --git a/Makefile.am b/Makefile.am index d0f979586..86f3409c3 100644 --- a/Makefile.am +++ b/Makefile.am @@ -134,7 +134,8 @@ ell_headers = ell/util.h \ ell/base64.h \ ell/asn1-private.h \ ell/cert-private.h \ - ell/pem-private.h + ell/pem-private.h \ + ell/uuid.h ell_sources = ell/private.h ell/missing.h \ ell/util.c \ @@ -169,7 +170,8 @@ ell_sources = ell/private.h ell/missing.h \ ell/gvariant-private.h \ ell/gvariant-util.c \ ell/siphash-private.h \ - ell/siphash.c + ell/siphash.c \ + ell/uuid.c ell_libell_internal_la_SOURCES = $(ell_headers) $(ell_sources) endif diff --git a/mesh/mesh.c b/mesh/mesh.c index f29e8b6be..62d650328 100644 --- a/mesh/mesh.c +++ b/mesh/mesh.c @@ -533,7 +533,7 @@ static struct l_dbus_message *join_network_call(struct l_dbus *dbus, void *user_data) { const char *app_path, *sender; - struct l_dbus_message_iter iter_uuid; + struct l_dbus_message_iter iter; uint32_t n; l_debug("Join network request"); @@ -543,14 +543,13 @@ static struct l_dbus_message *join_network_call(struct l_dbus *dbus, "Provisioning in progress"); if (!l_dbus_message_get_arguments(msg, "oay", &app_path, - &iter_uuid)) + &iter)) return dbus_error(msg, MESH_ERROR_INVALID_ARGS, NULL); join_pending = l_new(struct join_data, 1); - if (!l_dbus_message_iter_get_fixed_array(&iter_uuid, - &join_pending->uuid, &n) - || n != 16) { + if (!l_dbus_message_iter_get_fixed_array(&iter, &join_pending->uuid, &n) + || n != 16 || !l_uuid_is_valid(join_pending->uuid)) { l_free(join_pending); join_pending = NULL; return dbus_error(msg, MESH_ERROR_INVALID_ARGS, @@ -785,8 +784,8 @@ static struct l_dbus_message *create_network_call(struct l_dbus *dbus, &iter_uuid)) return dbus_error(msg, MESH_ERROR_INVALID_ARGS, NULL); - if (!l_dbus_message_iter_get_fixed_array(&iter_uuid, &uuid, &n) - || n != 16) + if (!l_dbus_message_iter_get_fixed_array(&iter_uuid, &uuid, &n) || + n != 16 || !l_uuid_is_valid(uuid)) return dbus_error(msg, MESH_ERROR_INVALID_ARGS, "Bad device UUID"); @@ -835,8 +834,9 @@ static struct l_dbus_message *import_call(struct l_dbus *dbus, return dbus_error(msg, MESH_ERROR_INVALID_ARGS, NULL); if (!l_dbus_message_iter_get_fixed_array(&iter_uuid, &uuid, &n) || - n != 16) - return dbus_error(msg, MESH_ERROR_INVALID_ARGS, "Bad dev UUID"); + n != 16 || !l_uuid_is_valid(uuid)) + return dbus_error(msg, MESH_ERROR_INVALID_ARGS, + "Bad device UUID"); if (node_find_by_uuid(uuid)) return dbus_error(msg, MESH_ERROR_ALREADY_EXISTS, |