From 55901bde6c1dfcf1eb725e4b8636876bdf1fba5d Mon Sep 17 00:00:00 2001 From: Abhishek Sharma Date: Sat, 17 Sep 2016 12:57:28 +0530 Subject: [PATCH] Check parsing response from cjson Prevent crash if invalid json response received from server. Change-Id: I339796be64ca4ec46d2e68a02b7f128a8c2fcdab Signed-off-by: Abhishek Sharma Reviewed-on: https://gerrit.iotivity.org/gerrit/11905 Tested-by: jenkins-iotivity Reviewed-by: jihwan seo Reviewed-by: Madan Lanka (cherry picked from commit 4815e501d2af69d9b19fd28e866134c61b0dd981) Reviewed-on: https://gerrit.iotivity.org/gerrit/12119 Reviewed-by: Uze Choi --- service/coap-http-proxy/samples/proxy_client.c | 8 +- service/coap-http-proxy/src/CoapHttpHandler.c | 104 ++++++++++++++----------- 2 files changed, 62 insertions(+), 50 deletions(-) diff --git a/service/coap-http-proxy/samples/proxy_client.c b/service/coap-http-proxy/samples/proxy_client.c index b3ad8a9..95b4ae8 100644 --- a/service/coap-http-proxy/samples/proxy_client.c +++ b/service/coap-http-proxy/samples/proxy_client.c @@ -88,10 +88,10 @@ static void PrintUsage() { OIC_LOG(INFO, TAG, "Usage : proxy_client -t <1..5>"); OIC_LOG(INFO, TAG, "-t 1 : Discover Proxy"); - OIC_LOG(INFO, TAG, "-t 2 -p \"http_uri\": Discover Proxy and Initiate GET Request"); - OIC_LOG(INFO, TAG, "-t 3 -p \"http_uri\": Discover Proxy and Initiate POST Request"); - OIC_LOG(INFO, TAG, "-t 4 -p \"http_uri\": Discover Proxy and Initiate PUT Request"); - OIC_LOG(INFO, TAG, "-t 5 -p \"http_uri\": Discover Proxy and Initiate DELETE Request"); + OIC_LOG(INFO, TAG, "-t 2 -p \"http_uri\": Discover Proxy and Initiate HTTP GET Request"); + OIC_LOG(INFO, TAG, "-t 3 -p \"http_uri\": Discover Proxy and Initiate HTTP POST Request"); + OIC_LOG(INFO, TAG, "-t 4 -p \"http_uri\": Discover Proxy and Initiate HTTP PUT Request"); + OIC_LOG(INFO, TAG, "-t 5 -p \"http_uri\": Discover Proxy and Initiate HTTP DELETE Request"); } OCStackApplicationResult putReqCB(void* ctx, OCDoHandle handle, diff --git a/service/coap-http-proxy/src/CoapHttpHandler.c b/service/coap-http-proxy/src/CoapHttpHandler.c index f0ee86d..e0b830c 100644 --- a/service/coap-http-proxy/src/CoapHttpHandler.c +++ b/service/coap-http-proxy/src/CoapHttpHandler.c @@ -136,7 +136,7 @@ static void CHPGetProxyURI(OCHeaderOption* options, uint8_t *numOptions, char* u size_t uriLength) { OIC_LOG(DEBUG, TAG, "CHPGetProxyURI IN"); - if(!uri || uriLength <= 0) + if (!uri || uriLength <= 0) { OIC_LOG (INFO, TAG, "Invalid uri buffer"); return; @@ -173,7 +173,7 @@ static void CHPGetProxyURI(OCHeaderOption* options, uint8_t *numOptions, char* u static OCRepPayload* CHPGetDiscoveryPayload() { OCRepPayload* payload = OCRepPayloadCreate(); - if(!payload) + if (!payload) { OIC_LOG(ERROR, TAG, PCF("Failed to create Payload")); return NULL; @@ -191,7 +191,7 @@ OCEntityHandlerResult CHPEntityHandler(OCEntityHandlerFlag flag, OIC_LOG_V(INFO, TAG, "Proxy request received"); UNUSED(callbackParam); - if(!g_isCHProxyInitialized) + if (!g_isCHProxyInitialized) { OIC_LOG (ERROR, TAG, "Proxy not initialized"); return OC_EH_INTERNAL_SERVER_ERROR; @@ -203,7 +203,7 @@ OCEntityHandlerResult CHPEntityHandler(OCEntityHandlerFlag flag, return OC_EH_ERROR; } - if(flag & OC_OBSERVE_FLAG) + if (flag & OC_OBSERVE_FLAG) { OIC_LOG_V (ERROR, TAG, "Proxy is not observable"); return OC_EH_BAD_REQ; @@ -220,11 +220,11 @@ OCEntityHandlerResult CHPEntityHandler(OCEntityHandlerFlag flag, &(entityHandlerRequest->numRcvdVendorSpecificHeaderOptions), proxyUri, sizeof(proxyUri)); - if(proxyUri[0] != '\0') + if (proxyUri[0] != '\0') { // A request for HTTP resource. Response will be sent asynchronously - if(OC_STACK_OK == CHPHandleOCFRequest(entityHandlerRequest, - proxyUri) ) + if (OC_STACK_OK == CHPHandleOCFRequest(entityHandlerRequest, + proxyUri) ) { return OC_EH_SLOW; } @@ -303,53 +303,65 @@ void CHPHandleHttpResponse(const HttpResponse_t *httpResponse, void *context) // ctxt not required now. OICFree(ctxt); - OCPayloadFormat format = CHPGetOCContentType(httpResponse->dataFormat); - switch (format) + if (httpResponse->dataFormat[0] != '\0') { - case OC_FORMAT_CBOR: - OIC_LOG(DEBUG, TAG, "Payload format is CBOR"); - result = OCParsePayload(&response.payload, PAYLOAD_TYPE_REPRESENTATION, - httpResponse->payload, httpResponse->payloadLength); - if(result != OC_STACK_OK) - { - OIC_LOG(ERROR, TAG, "Error parsing payload"); - response.ehResult = OC_EH_INTERNAL_SERVER_ERROR; - if (OCDoResponse(&response) != OC_STACK_OK) + OCPayloadFormat format = CHPGetOCContentType(httpResponse->dataFormat); + switch (format) + { + case OC_FORMAT_CBOR: + OIC_LOG(DEBUG, TAG, "Payload format is CBOR"); + result = OCParsePayload(&response.payload, PAYLOAD_TYPE_REPRESENTATION, + httpResponse->payload, httpResponse->payloadLength); + if (result != OC_STACK_OK) { - OIC_LOG(ERROR, TAG, "Error sending response"); + OIC_LOG(ERROR, TAG, "Error parsing payload"); + response.ehResult = OC_EH_INTERNAL_SERVER_ERROR; + if (OCDoResponse(&response) != OC_STACK_OK) + { + OIC_LOG(ERROR, TAG, "Error sending response"); + } + return; } - return; - } - break; - case OC_FORMAT_JSON: - OIC_LOG(DEBUG, TAG, "Payload format is JSON"); - cJSON *payloadJson = cJSON_Parse((char *)httpResponse->payload); - OCRepPayload* payloadCbor = OCRepPayloadCreate(); - if(!payloadCbor) - { + break; + case OC_FORMAT_JSON: + OIC_LOG(DEBUG, TAG, "Payload format is JSON"); + cJSON *payloadJson = cJSON_Parse((char *)httpResponse->payload); + if (!payloadJson) + { + OIC_LOG(ERROR, TAG, "Unable to parse json response"); + response.ehResult = OC_EH_INTERNAL_SERVER_ERROR; + if (OCDoResponse(&response) != OC_STACK_OK) + { + OIC_LOG(ERROR, TAG, "Error sending response"); + } + return; + } + OCRepPayload* payloadCbor = OCRepPayloadCreate(); + if (!payloadCbor) + { + response.ehResult = OC_EH_INTERNAL_SERVER_ERROR; + if (OCDoResponse(&response) != OC_STACK_OK) + { + OIC_LOG(ERROR, TAG, "Error sending response"); + } + cJSON_Delete(payloadJson); + return; + } + + CHPJsonToRepPayload(payloadJson, payloadCbor); + response.payload = (OCPayload *)payloadCbor; + cJSON_Delete(payloadJson); + break; + default: + OIC_LOG(ERROR, TAG, "Payload format is not supported"); response.ehResult = OC_EH_INTERNAL_SERVER_ERROR; if (OCDoResponse(&response) != OC_STACK_OK) { OIC_LOG(ERROR, TAG, "Error sending response"); } - cJSON_Delete(payloadJson); return; - } - - CHPJsonToRepPayload(payloadJson, payloadCbor); - response.payload = (OCPayload *)payloadCbor; - cJSON_Delete(payloadJson); - break; - default: - OIC_LOG(ERROR, TAG, "Payload format is not supported"); - response.ehResult = OC_EH_INTERNAL_SERVER_ERROR; - if (OCDoResponse(&response) != OC_STACK_OK) - { - OIC_LOG(ERROR, TAG, "Error sending response"); - } - return; + } } - // Header Options parsing response.numSendVendorSpecificHeaderOptions = 0; OCHeaderOption *optionsPointer = response.sendVendorSpecificHeaderOptions; @@ -428,7 +440,7 @@ OCStackResult CHPHandleOCFRequest(const OCEntityHandlerRequest* requestInfo, { // Conversion from cbor to json. cJSON *payloadJson = CHPRepPayloadToJson((OCRepPayload *)requestInfo->payload); - if(!payloadJson) + if (!payloadJson) { response.ehResult = OC_EH_BAD_REQ; if (OCDoResponse(&response) != OC_STACK_OK) @@ -491,7 +503,7 @@ OCStackResult CHPHandleOCFRequest(const OCEntityHandlerRequest* requestInfo, return OC_STACK_ERROR; } - if(!httpRequest.payloadCached) + if (!httpRequest.payloadCached) { // Free only if parser has not cached it. OICFree(httpRequest.payload); -- 2.7.4