diff options
author | Todd Malsbary <todd.malsbary@intel.com> | 2017-04-26 15:14:04 -0700 |
---|---|---|
committer | Dan Mihai <Daniel.Mihai@microsoft.com> | 2017-05-02 23:47:30 +0000 |
commit | 6758c572ecfa068d953bd3d5ed9614885dae01b1 (patch) | |
tree | 651f3388599fe9afcfc19dc29bf09a00485dc4d9 /resource/csdk | |
parent | 45af560055b9f8ec477da9c2d8ae691c116f6aa6 (diff) | |
download | iotivity-6758c572ecfa068d953bd3d5ed9614885dae01b1.tar.gz iotivity-6758c572ecfa068d953bd3d5ed9614885dae01b1.tar.bz2 iotivity-6758c572ecfa068d953bd3d5ed9614885dae01b1.zip |
[IOT-2128] Check that parsed CborValue is valid before using it.
Bug: https://jira.iotivity.org/browse/IOT-2128
Change-Id: Ie4532842d687a69b25d8f215135edeb2fd2029c6
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/19343
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Dan Mihai <Daniel.Mihai@microsoft.com>
Diffstat (limited to 'resource/csdk')
-rwxr-xr-x | resource/csdk/stack/src/ocpayloadparse.c | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/resource/csdk/stack/src/ocpayloadparse.c b/resource/csdk/stack/src/ocpayloadparse.c index 9fdb003ec..993e6f51a 100755 --- a/resource/csdk/stack/src/ocpayloadparse.c +++ b/resource/csdk/stack/src/ocpayloadparse.c @@ -253,6 +253,8 @@ static OCStackResult OCParseDiscoveryPayloadCbor(OCPayload **outPayload, CborValue linkMap; err = cbor_value_map_find_value(&rootMap, OC_RSRVD_LINKS, &linkMap); VERIFY_CBOR_SUCCESS(TAG, err, "to find links tag"); + err = cbor_value_is_valid(&linkMap) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "to find links tag"); // Enter the links array and start iterating through the array processing // each resource which shows up as a map. @@ -270,6 +272,8 @@ static OCStackResult OCParseDiscoveryPayloadCbor(OCPayload **outPayload, // Uri err = cbor_value_map_find_value(&resourceMap, OC_RSRVD_HREF, &curVal); VERIFY_CBOR_SUCCESS(TAG, err, "to find href tag"); + err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "to find href tag"); err = cbor_value_dup_text_string(&curVal, &(resource->uri), &len, NULL); VERIFY_CBOR_SUCCESS(TAG, err, "to find href value"); @@ -302,10 +306,14 @@ static OCStackResult OCParseDiscoveryPayloadCbor(OCPayload **outPayload, CborValue policyMap; err = cbor_value_map_find_value(&resourceMap, OC_RSRVD_POLICY, &policyMap); VERIFY_CBOR_SUCCESS(TAG, err, "to find policy tag"); + err = cbor_value_is_valid(&policyMap) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "to find policy tag"); // Bitmap err = cbor_value_map_find_value(&policyMap, OC_RSRVD_BITMAP, &curVal); VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap tag"); + err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap tag"); err = cbor_value_get_int(&curVal, &bitmap); VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap value"); resource->bitmap = (uint8_t)bitmap; @@ -420,6 +428,8 @@ static CborError ParseResources(OCDiscoveryPayload **outPayload, CborValue *reso CborValue curVal; err = cbor_value_map_find_value(resourceMap, OC_RSRVD_HREF, &curVal); VERIFY_CBOR_SUCCESS(TAG, err, "to find href tag"); + err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "to find href tag"); err = cbor_value_dup_text_string(&curVal, &(resource->uri), &len, NULL); VERIFY_CBOR_SUCCESS(TAG, err, "to find href value"); @@ -460,10 +470,14 @@ static CborError ParseResources(OCDiscoveryPayload **outPayload, CborValue *reso CborValue policyMap; err = cbor_value_map_find_value(resourceMap, OC_RSRVD_POLICY, &policyMap); VERIFY_CBOR_SUCCESS(TAG, err, "to find policy tag"); + err = cbor_value_is_valid(&policyMap) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "to find policy tag"); // Bitmap err = cbor_value_map_find_value(&policyMap, OC_RSRVD_BITMAP, &curVal); VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap tag"); + err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap tag"); err = cbor_value_get_int(&curVal, &bitmap); VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap value"); resource->bitmap = (uint8_t)bitmap; @@ -490,6 +504,8 @@ static CborError ParseResources(OCDiscoveryPayload **outPayload, CborValue *reso // ep err = cbor_value_map_find_value(&epMap, OC_RSRVD_ENDPOINT, &curVal); VERIFY_CBOR_SUCCESS(TAG, err, "to find endpoint tag"); + err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "to find endpoint tag"); err = cbor_value_dup_text_string(&curVal, &endpointStr, &len, NULL); VERIFY_CBOR_SUCCESS(TAG, err, "to find endpoint value"); @@ -501,6 +517,8 @@ static CborError ParseResources(OCDiscoveryPayload **outPayload, CborValue *reso // pri err = cbor_value_map_find_value(&epMap, OC_RSRVD_PRIORITY, &curVal); VERIFY_CBOR_SUCCESS(TAG, err, "to find priority tag"); + err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "to find priority tag"); err = cbor_value_get_int(&curVal, &pri); VERIFY_CBOR_SUCCESS(TAG, err, "to find priority value"); endpoint->pri = (uint16_t)pri; @@ -1294,6 +1312,8 @@ static OCStackResult OCParsePresencePayload(OCPayload **outPayload, CborValue *r // Sequence Number CborError err = cbor_value_map_find_value(rootValue, OC_RSRVD_NONCE, &curVal); VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding nonce tag"); + err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding nonce tag"); err = cbor_value_get_uint64(&curVal, &temp); payload->sequenceNumber = (uint32_t)temp; VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding nonce value"); @@ -1301,6 +1321,8 @@ static OCStackResult OCParsePresencePayload(OCPayload **outPayload, CborValue *r // Max Age err = cbor_value_map_find_value(rootValue, OC_RSRVD_TTL, &curVal); VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding ttl tag"); + err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding ttl tag"); temp = 0; err = cbor_value_get_uint64(&curVal, &temp); payload->maxAge = (uint32_t)temp; @@ -1309,6 +1331,8 @@ static OCStackResult OCParsePresencePayload(OCPayload **outPayload, CborValue *r // Trigger err = cbor_value_map_find_value(rootValue, OC_RSRVD_TRIGGER, &curVal); VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding trigger tag"); + err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError; + VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding trigger tag"); err = cbor_value_get_simple_type(&curVal, &trigger); VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding trigger value"); payload->trigger = (OCPresenceTrigger)trigger; |