From: youngman Date: Wed, 6 Apr 2016 00:26:57 +0000 (+0900) Subject: validation check of resource uri_path/type/interface X-Git-Tag: submit/tizen/20160406.082251~1 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=c5b55d4bca16d1008e185ec0151c20aef9f697c9;p=platform%2Fcore%2Fiot%2Fiotcon.git validation check of resource uri_path/type/interface Change-Id: Ib9b12469e9fdf2d5cb30a5eea526e2fea57d9c39 Signed-off-by: youngman --- diff --git a/lib/icl-lite-resource.c b/lib/icl-lite-resource.c index 127cfd8..98434b1 100644 --- a/lib/icl-lite-resource.c +++ b/lib/icl-lite-resource.c @@ -305,8 +305,8 @@ API int iotcon_lite_resource_create(const char *uri_path, RETV_IF(false == ic_utils_check_oic_feature_supported(), IOTCON_ERROR_NOT_SUPPORTED); RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS); RETV_IF(NULL == uri_path, IOTCON_ERROR_INVALID_PARAMETER); - RETVM_IF(ICL_URI_PATH_LENGTH_MAX < strlen(uri_path), - IOTCON_ERROR_INVALID_PARAMETER, "Invalid uri_path(%s)", uri_path); + RETV_IF(false == icl_resource_check_uri_path(uri_path), + IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == res_types, IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == resource_handle, IOTCON_ERROR_INVALID_PARAMETER); diff --git a/lib/icl-presence.c b/lib/icl-presence.c index b3ff556..ecf5303 100644 --- a/lib/icl-presence.c +++ b/lib/icl-presence.c @@ -25,6 +25,7 @@ #include "iotcon-internal.h" #include "ic-utils.h" #include "icl.h" +#include "icl-resource.h" #include "icl-resource-types.h" #include "icl-dbus.h" @@ -184,11 +185,8 @@ API int iotcon_add_presence_cb(const char *host_address, RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == cb, IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == presence_handle, IOTCON_ERROR_INVALID_PARAMETER); - - if (resource_type && (ICL_RESOURCE_TYPE_LENGTH_MAX < strlen(resource_type))) { - ERR("The length of resource_type(%s) is invalid", resource_type); - return IOTCON_ERROR_INVALID_PARAMETER; - } + RETV_IF(resource_type && (false == icl_resource_check_type(resource_type)), + IOTCON_ERROR_INVALID_PARAMETER); if ((IOTCON_MULTICAST_ADDRESS == host_address || '\0' == host_address[0]) && (IOTCON_CONNECTIVITY_IPV4 != connectivity_type diff --git a/lib/icl-query.c b/lib/icl-query.c index 301c21d..19da91f 100644 --- a/lib/icl-query.c +++ b/lib/icl-query.c @@ -23,6 +23,7 @@ #include "iotcon-types.h" #include "ic-utils.h" #include "icl.h" +#include "icl-resource.h" #include "icl-resource-types.h" #include "icl-query.h" @@ -101,12 +102,14 @@ API int iotcon_query_set_resource_type(iotcon_query_h query, const char *resourc RETV_IF(false == ic_utils_check_oic_feature_supported(), IOTCON_ERROR_NOT_SUPPORTED); RETV_IF(NULL == query, IOTCON_ERROR_INVALID_PARAMETER); + RETV_IF(resource_type && (false == icl_resource_check_type(resource_type)), + IOTCON_ERROR_INVALID_PARAMETER); value = g_hash_table_lookup(query->hash, ICL_QUERY_KEY_RESOURCE_TYPE); if (value) length_old = (sizeof(ICL_QUERY_KEY_RESOURCE_TYPE) - 1) + strlen(value) + 2; - if (resource_type && *resource_type) + if (resource_type) length_new = (sizeof(ICL_QUERY_KEY_RESOURCE_TYPE) - 1) + strlen(resource_type) + 2; if (ICL_QUERY_LENGTH_MAX < query->len - length_old + length_new) { @@ -131,12 +134,14 @@ API int iotcon_query_set_interface(iotcon_query_h query, const char *resource_if RETV_IF(false == ic_utils_check_oic_feature_supported(), IOTCON_ERROR_NOT_SUPPORTED); RETV_IF(NULL == query, IOTCON_ERROR_INVALID_PARAMETER); + RETV_IF(resource_iface && (false == icl_resource_check_interface(resource_iface)), + IOTCON_ERROR_INVALID_PARAMETER); value = g_hash_table_lookup(query->hash, ICL_QUERY_KEY_INTERFACE); if (value) length_old = (sizeof(ICL_QUERY_KEY_INTERFACE) - 1) + strlen(value) + 2; - if (resource_iface && *resource_iface) + if (resource_iface) length_new = (sizeof(ICL_QUERY_KEY_INTERFACE) - 1) + strlen(resource_iface) + 2; if (ICL_QUERY_LENGTH_MAX < query->len - length_old + length_new) { diff --git a/lib/icl-remote-resource.c b/lib/icl-remote-resource.c index fed1f69..a6bc98a 100644 --- a/lib/icl-remote-resource.c +++ b/lib/icl-remote-resource.c @@ -29,6 +29,7 @@ #include "icl-dbus.h" #include "icl-representation.h" #include "icl-remote-resource.h" +#include "icl-resource.h" #include "icl-resource-types.h" #include "icl-resource-interfaces.h" #include "icl-payload.h" @@ -77,6 +78,7 @@ static void _icl_found_resource_cb(GDBusConnection *connection, if (cb) cb(resource, IOTCON_ERROR_NONE, cb_container->user_data); + resource->is_found = false; iotcon_remote_resource_destroy(resource); } @@ -127,10 +129,8 @@ API int iotcon_find_resource(const char *host_address, RETV_IF(false == ic_utils_check_oic_feature_supported(), IOTCON_ERROR_NOT_SUPPORTED); RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS); RETV_IF(NULL == cb, IOTCON_ERROR_INVALID_PARAMETER); - if (resource_type && (ICL_RESOURCE_TYPE_LENGTH_MAX < strlen(resource_type))) { - ERR("The length of resource_type(%s) is invalid", resource_type); - return IOTCON_ERROR_INVALID_PARAMETER; - } + RETV_IF(resource_type && (false == icl_resource_check_type(resource_type)), + IOTCON_ERROR_INVALID_PARAMETER); timeout = icl_dbus_get_timeout(); @@ -198,6 +198,8 @@ API int iotcon_remote_resource_create(const char *host_address, RETV_IF(false == ic_utils_check_oic_feature_supported(), IOTCON_ERROR_NOT_SUPPORTED); RETV_IF(NULL == host_address, IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == uri_path, IOTCON_ERROR_INVALID_PARAMETER); + RETV_IF(false == icl_resource_check_uri_path(uri_path), + IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == resource_types, IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == resource_ifaces, IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == resource_handle, IOTCON_ERROR_INVALID_PARAMETER); diff --git a/lib/icl-representation.c b/lib/icl-representation.c index b2a118d..53884bc 100644 --- a/lib/icl-representation.c +++ b/lib/icl-representation.c @@ -114,6 +114,8 @@ API int iotcon_representation_set_uri_path(iotcon_representation_h repr, RETV_IF(false == ic_utils_check_oic_feature_supported(), IOTCON_ERROR_NOT_SUPPORTED); RETV_IF(NULL == repr, IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == uri_path, IOTCON_ERROR_INVALID_PARAMETER); + RETV_IF(false == icl_resource_check_uri_path(uri_path), + IOTCON_ERROR_INVALID_PARAMETER); free(repr->uri_path); repr->uri_path = strdup(uri_path); diff --git a/lib/icl-resource-interfaces.c b/lib/icl-resource-interfaces.c index 3353cff..df7441e 100644 --- a/lib/icl-resource-interfaces.c +++ b/lib/icl-resource-interfaces.c @@ -21,6 +21,7 @@ #include "iotcon-types.h" #include "ic-utils.h" #include "icl.h" +#include "icl-resource.h" #include "icl-resource-interfaces.h" iotcon_resource_interfaces_h icl_resource_interfaces_ref( @@ -102,6 +103,7 @@ API int iotcon_resource_interfaces_add(iotcon_resource_interfaces_h ifaces, RETV_IF(NULL == iface, IOTCON_ERROR_INVALID_PARAMETER); RETVM_IF(1 < ifaces->ref_count, IOTCON_ERROR_INVALID_PARAMETER, "Don't modify it. It is already set."); + RETV_IF(false == icl_resource_check_interface(iface), IOTCON_ERROR_INVALID_PARAMETER); if (true == _icl_resource_interfaces_duplicate_check(ifaces, iface)) { ERR("%s is already contained.", iface); diff --git a/lib/icl-resource-types.c b/lib/icl-resource-types.c index a8e3205..0e693f0 100644 --- a/lib/icl-resource-types.c +++ b/lib/icl-resource-types.c @@ -21,6 +21,7 @@ #include "iotcon-types.h" #include "ic-utils.h" #include "icl.h" +#include "icl-resource.h" #include "icl-resource-types.h" iotcon_resource_types_h icl_resource_types_ref(iotcon_resource_types_h types) @@ -101,12 +102,7 @@ API int iotcon_resource_types_add(iotcon_resource_types_h types, const char *typ RETV_IF(NULL == type, IOTCON_ERROR_INVALID_PARAMETER); RETVM_IF(1 < types->ref_count, IOTCON_ERROR_INVALID_PARAMETER, "Don't modify it. It is already set."); - - if (ICL_RESOURCE_TYPE_LENGTH_MAX < strlen(type)) { - ERR("The length of type(%s) should be less than or equal to %d.", type, - ICL_RESOURCE_TYPE_LENGTH_MAX); - return IOTCON_ERROR_INVALID_PARAMETER; - } + RETV_IF(false == icl_resource_check_type(type), IOTCON_ERROR_INVALID_PARAMETER); if (true == _icl_resource_types_duplicate_check(types, type)) { ERR("%s is already contained.", type); diff --git a/lib/icl-resource.c b/lib/icl-resource.c index 0e35b67..90f9346 100644 --- a/lib/icl-resource.c +++ b/lib/icl-resource.c @@ -152,6 +152,79 @@ static void _icl_resource_conn_cleanup(iotcon_resource_h resource) } +bool icl_resource_check_uri_path(const char *uri_path) +{ + int i; + + RETV_IF(NULL == uri_path, false); + + if (ICL_URI_PATH_LENGTH_MAX < strlen(uri_path)) { + ERR("The length of URI path(%s) should be less than or equal to %d.", uri_path, + ICL_URI_PATH_LENGTH_MAX); + return false; + } + + if ('/' != uri_path[0]) { + ERR("URI path should start with '/'"); + return false; + } + + for (i = 0; '\0' != uri_path[i]; i++) { + if ('?' == uri_path[i]) { + ERR("'?' is not allowed"); + return false; + } + } + + return true; +} + + +static bool _check_type_interface(const char *src) +{ + int i; + + if (src[0] < 'a' || 'z' < src[0]) { + ERR("'%c' is not allowed", src[0]); + return false; + } + + for (i = 1; '\0' != src[i]; i++) { + if ('.' == src[i]) + continue; + if ('-' == src[i]) + continue; + if ((src[i] < 'a' || 'z' < src[i]) && (src[i] < '0' || '9' < src[i])) { + ERR("'%c' is not allowed", src[i]); + return false; + } + } + return true; +} + + +bool icl_resource_check_type(const char *type) +{ + RETV_IF(NULL == type, false); + + if (ICL_RESOURCE_TYPE_LENGTH_MAX < strlen(type)) { + ERR("The length of type(%s) should be less than or equal to %d.", type, + ICL_RESOURCE_TYPE_LENGTH_MAX); + return false; + } + + return _check_type_interface(type); +} + + +bool icl_resource_check_interface(const char *iface) +{ + RETV_IF(NULL == iface, false); + + return _check_type_interface(iface); +} + + /* The length of uri_path should be less than or equal to 36. */ API int iotcon_resource_create(const char *uri_path, iotcon_resource_types_h res_types, @@ -172,8 +245,8 @@ API int iotcon_resource_create(const char *uri_path, RETV_IF(false == ic_utils_check_oic_feature_supported(), IOTCON_ERROR_NOT_SUPPORTED); RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS); RETV_IF(NULL == uri_path, IOTCON_ERROR_INVALID_PARAMETER); - RETVM_IF(ICL_URI_PATH_LENGTH_MAX < strlen(uri_path), - IOTCON_ERROR_INVALID_PARAMETER, "Invalid uri_path(%s)", uri_path); + RETV_IF(false == icl_resource_check_uri_path(uri_path), + IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == res_types, IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == ifaces, IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == cb, IOTCON_ERROR_INVALID_PARAMETER); @@ -303,6 +376,8 @@ API int iotcon_resource_bind_interface(iotcon_resource_h resource, const char *i RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS); RETV_IF(NULL == resource, IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == iface, IOTCON_ERROR_INVALID_PARAMETER); + RETV_IF(false == icl_resource_check_interface(iface), IOTCON_ERROR_INVALID_PARAMETER); + if (0 == resource->sub_id) { ERR("Invalid Resource handle"); return IOTCON_ERROR_INVALID_PARAMETER; @@ -355,6 +430,9 @@ API int iotcon_resource_bind_type(iotcon_resource_h resource, const char *resour RETV_IF(NULL == icl_dbus_get_object(), IOTCON_ERROR_DBUS); RETV_IF(NULL == resource, IOTCON_ERROR_INVALID_PARAMETER); RETV_IF(NULL == resource_type, IOTCON_ERROR_INVALID_PARAMETER); + RETV_IF(false == icl_resource_check_type(resource_type), + IOTCON_ERROR_INVALID_PARAMETER); + if (0 == resource->sub_id) { ERR("Invalid Resource handle"); return IOTCON_ERROR_INVALID_PARAMETER; diff --git a/lib/icl-resource.h b/lib/icl-resource.h index 97e55cb..ef6c96c 100644 --- a/lib/icl-resource.h +++ b/lib/icl-resource.h @@ -54,4 +54,8 @@ struct icl_resource { iotcon_observers_h observers; }; +bool icl_resource_check_uri_path(const char *uri_path); +bool icl_resource_check_type(const char *type); +bool icl_resource_check_interface(const char *iface); + #endif /*__IOT_CONNECTIVITY_MANAGER_LIBRARY_RESOURCE_H__*/