[IOT-2128] Check that parsed CborValue is valid before using it.

Bug: https://jira.iotivity.org/browse/IOT-2128
Change-Id: Ie4532842d687a69b25d8f215135edeb2fd2029c6
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/19343
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Dan Mihai <Daniel.Mihai@microsoft.com>

1 files changed, 24 insertions, 0 deletions

diff --git a/resource/csdk/stack/src/ocpayloadparse.c b/resource/csdk/stack/src/ocpayloadparse.c
index 9fdb003ec..993e6f51a 100755
--- a/resource/csdk/stack/src/ocpayloadparse.c
+++ b/resource/csdk/stack/src/ocpayloadparse.c
@@ -253,6 +253,8 @@ static OCStackResult OCParseDiscoveryPayloadCbor(OCPayload **outPayload,
             CborValue linkMap;
             err = cbor_value_map_find_value(&rootMap, OC_RSRVD_LINKS, &linkMap);
             VERIFY_CBOR_SUCCESS(TAG, err, "to find links tag");
+            err = cbor_value_is_valid(&linkMap) ? CborNoError : CborUnknownError;
+            VERIFY_CBOR_SUCCESS(TAG, err, "to find links tag");
 
             // Enter the links array and start iterating through the array processing
             // each resource which shows up as a map.
@@ -270,6 +272,8 @@ static OCStackResult OCParseDiscoveryPayloadCbor(OCPayload **outPayload,
                 // Uri
                 err = cbor_value_map_find_value(&resourceMap, OC_RSRVD_HREF, &curVal);
                 VERIFY_CBOR_SUCCESS(TAG, err, "to find href tag");
+                err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError;
+                VERIFY_CBOR_SUCCESS(TAG, err, "to find href tag");
                 err = cbor_value_dup_text_string(&curVal, &(resource->uri), &len, NULL);
                 VERIFY_CBOR_SUCCESS(TAG, err, "to find href value");
 
@@ -302,10 +306,14 @@ static OCStackResult OCParseDiscoveryPayloadCbor(OCPayload **outPayload,
                 CborValue policyMap;
                 err = cbor_value_map_find_value(&resourceMap, OC_RSRVD_POLICY, &policyMap);
                 VERIFY_CBOR_SUCCESS(TAG, err, "to find policy tag");
+                err = cbor_value_is_valid(&policyMap) ? CborNoError : CborUnknownError;
+                VERIFY_CBOR_SUCCESS(TAG, err, "to find policy tag");
 
                 // Bitmap
                 err = cbor_value_map_find_value(&policyMap, OC_RSRVD_BITMAP, &curVal);
                 VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap tag");
+                err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError;
+                VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap tag");
                 err = cbor_value_get_int(&curVal, &bitmap);
                 VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap value");
                 resource->bitmap = (uint8_t)bitmap;
@@ -420,6 +428,8 @@ static CborError ParseResources(OCDiscoveryPayload **outPayload, CborValue *reso
         CborValue curVal;
         err = cbor_value_map_find_value(resourceMap, OC_RSRVD_HREF, &curVal);
         VERIFY_CBOR_SUCCESS(TAG, err, "to find href tag");
+        err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError;
+        VERIFY_CBOR_SUCCESS(TAG, err, "to find href tag");
         err = cbor_value_dup_text_string(&curVal, &(resource->uri), &len, NULL);
         VERIFY_CBOR_SUCCESS(TAG, err, "to find href value");
 
@@ -460,10 +470,14 @@ static CborError ParseResources(OCDiscoveryPayload **outPayload, CborValue *reso
         CborValue policyMap;
         err = cbor_value_map_find_value(resourceMap, OC_RSRVD_POLICY, &policyMap);
         VERIFY_CBOR_SUCCESS(TAG, err, "to find policy tag");
+        err = cbor_value_is_valid(&policyMap) ? CborNoError : CborUnknownError;
+        VERIFY_CBOR_SUCCESS(TAG, err, "to find policy tag");
 
         // Bitmap
         err = cbor_value_map_find_value(&policyMap, OC_RSRVD_BITMAP, &curVal);
         VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap tag");
+        err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError;
+        VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap tag");
         err = cbor_value_get_int(&curVal, &bitmap);
         VERIFY_CBOR_SUCCESS(TAG, err, "to find bitmap value");
         resource->bitmap = (uint8_t)bitmap;
@@ -490,6 +504,8 @@ static CborError ParseResources(OCDiscoveryPayload **outPayload, CborValue *reso
                 // ep
                 err = cbor_value_map_find_value(&epMap, OC_RSRVD_ENDPOINT, &curVal);
                 VERIFY_CBOR_SUCCESS(TAG, err, "to find endpoint tag");
+                err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError;
+                VERIFY_CBOR_SUCCESS(TAG, err, "to find endpoint tag");
                 err = cbor_value_dup_text_string(&curVal, &endpointStr, &len, NULL);
                 VERIFY_CBOR_SUCCESS(TAG, err, "to find endpoint value");
 
@@ -501,6 +517,8 @@ static CborError ParseResources(OCDiscoveryPayload **outPayload, CborValue *reso
                     // pri
                     err = cbor_value_map_find_value(&epMap, OC_RSRVD_PRIORITY, &curVal);
                     VERIFY_CBOR_SUCCESS(TAG, err, "to find priority tag");
+                    err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError;
+                    VERIFY_CBOR_SUCCESS(TAG, err, "to find priority tag");
                     err = cbor_value_get_int(&curVal, &pri);
                     VERIFY_CBOR_SUCCESS(TAG, err, "to find priority value");
                     endpoint->pri = (uint16_t)pri;
@@ -1294,6 +1312,8 @@ static OCStackResult OCParsePresencePayload(OCPayload **outPayload, CborValue *r
         // Sequence Number
         CborError err = cbor_value_map_find_value(rootValue, OC_RSRVD_NONCE, &curVal);
         VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding nonce tag");
+        err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError;
+        VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding nonce tag");
         err = cbor_value_get_uint64(&curVal, &temp);
         payload->sequenceNumber = (uint32_t)temp;
         VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding nonce value");
@@ -1301,6 +1321,8 @@ static OCStackResult OCParsePresencePayload(OCPayload **outPayload, CborValue *r
         // Max Age
         err = cbor_value_map_find_value(rootValue, OC_RSRVD_TTL, &curVal);
         VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding ttl tag");
+        err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError;
+        VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding ttl tag");
         temp = 0;
         err = cbor_value_get_uint64(&curVal, &temp);
         payload->maxAge = (uint32_t)temp;
@@ -1309,6 +1331,8 @@ static OCStackResult OCParsePresencePayload(OCPayload **outPayload, CborValue *r
         // Trigger
         err = cbor_value_map_find_value(rootValue, OC_RSRVD_TRIGGER, &curVal);
         VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding trigger tag");
+        err = cbor_value_is_valid(&curVal) ? CborNoError : CborUnknownError;
+        VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding trigger tag");
         err = cbor_value_get_simple_type(&curVal, &trigger);
         VERIFY_CBOR_SUCCESS(TAG, err, "Failed finding trigger value");
         payload->trigger = (OCPresenceTrigger)trigger;