From: Jaehyun Kim <jeik01.kim@samsung.com>
Date: Wed, 4 Sep 2024 03:25:19 +0000 (+0900)
Subject: Check validity of config_id when saving WiFi conf
X-Git-Tag: accepted/tizen/6.0/unified/20240905.082822^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fheads%2Faccepted%2Ftizen_6.0_unified;p=platform%2Fcore%2Fconnectivity%2Fnet-config.git

Check validity of config_id when saving WiFi conf

Change-Id: I410eca62da878035b6c034b617fec4bbaa72ccff
Signed-off-by: Jaehyun Kim <jeik01.kim@samsung.com>
---

diff --git a/src/wifi-config.c b/src/wifi-config.c
index 5911505..cdd9714 100755
--- a/src/wifi-config.c
+++ b/src/wifi-config.c
@@ -20,6 +20,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <ctype.h>
 #include <sys/types.h>
 #include <dirent.h>
 #include <sys/stat.h>
@@ -50,6 +51,7 @@
 #define MAC_ADDRESS_LENGTH		12
 #define WIFI_PREFIX_LENGTH		MAC_ADDRESS_LENGTH + 6	/* wifi_485a3f2f506a_ */
 #define PROFILE_PREFIX_LENGTH	WIFI_PREFIX_LENGTH + 21	/* /net/connman/service/wifi_485a3f2f506a_ */
+#define WIFI_CONFIG_ID_LENGTH	82 /* SSID(in hex) + "_managed_ieee8021x"  */
 
 #define WIFI_MAC_PATH_LENGTH		64
 #define WIFI_MAC_ADDR_LENGTH		17
@@ -1183,6 +1185,27 @@ static unsigned char __netconfig_convert_netmask_to_prefixlen(
 	return bits;
 }
 
+gboolean __netconfig_is_valid_config_id(const gchar *config_id)
+{
+	int length;
+
+	if (!config_id)
+		return FALSE;
+
+	length = strlen(config_id);
+	if (length < 1 || length > WIFI_CONFIG_ID_LENGTH)
+		return FALSE;
+
+	for (int i = 0; i < length; i++) {
+		if (!(islower(config_id[i])) &&
+				!(isdigit(config_id[i])) &&
+				config_id[i] != '_')
+			return FALSE;
+	}
+
+	return TRUE;
+}
+
 gboolean handle_save_configuration(Wifi *wifi, GDBusMethodInvocation *context,
 		const gchar *ifname, const gchar *config_id, GVariant *configuration)
 {
@@ -1195,7 +1218,9 @@ gboolean handle_save_configuration(Wifi *wifi, GDBusMethodInvocation *context,
 	gchar *group_name = NULL;
 	int order = 0;
 
-	if ((wifi == NULL) || (config_id == NULL) || (configuration == NULL)) {
+	if ((wifi == NULL) ||
+			(__netconfig_is_valid_config_id(config_id) == FALSE) ||
+			(configuration == NULL)) {
 		ERR("Invalid parameter");
 		netconfig_error_invalid_parameter(context);
 		return TRUE;