authorMatt Ranostay <matt.ranostay@konsulko.com>2018-11-01 20:10:14 -0700
committerMatt Ranostay <matt.ranostay@konsulko.com>2018-11-12 03:58:47 -0800
commit28dae92e48c05478bb05a9d6de3ff26dbd103037 (patch)
tree968f87284745f776e69fad9363d123bd2582bcd9
parent2c25e21baf01885253db709f911b51af0a498abf (diff)
binding: bluetooth: add input validation on device input
Validate device input to filter out special characters being sent that may cause the dbus call to hang or segfault. Bug-AGL: SPEC-1630 Change-Id: I31aa458154c030181b905b7ccc9d6a8aa0f84ef0 Signed-off-by: Matt Ranostay <matt.ranostay@konsulko.com>
-rw-r--r--binding/bluetooth-util.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/binding/bluetooth-util.c b/binding/bluetooth-util.c
index 21aae6c..4740cda 100644
--- a/binding/bluetooth-util.c
+++ b/binding/bluetooth-util.c
@@ -1039,7 +1039,7 @@ void json_process_path(json_object *jresp, const char *path) {
gchar *return_bluez_path(afb_req_t request) {
const char *adapter = afb_req_value(request, "adapter");
- const char *device;
+ const char *device, *tmp;
adapter = adapter ? adapter : BLUEZ_DEFAULT_ADAPTER;
@@ -1049,6 +1049,16 @@ gchar *return_bluez_path(afb_req_t request) {
return NULL;
}
+ tmp = device;
+
+ /* Stop the dbus call from segfaulting from special characters */
+ for (; *tmp; tmp++) {
+ if (!g_ascii_isalnum(*tmp) && *tmp != '_') {
+ afb_req_fail(request, "failed", "Invalid device parameter");
+ return NULL;
+ }
+ }
+
return g_strconcat("/org/bluez/", adapter, "/", device, NULL);
}
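Review bot: The `adapter` value comes from the same request (`afb_req_value(request, "adapter")`) and is concatenated into the object path on the last line, but only `device` goes through the new character check. A caller can therefore still put special characters into the path through `adapter`, which presumably reaches the same D-Bus call the commit is protecting. The loop also accepts an empty `device`, giving a path that ends in `/`; D-Bus object path elements must be non-empty. Moving the check into a small helper and applying it to both values closes both gaps. The function starts in the previous hunk, so the sketch below shows only the new helper and the replaced check.

```c
/* A D-Bus object path element must be non-empty and use only [A-Za-z0-9_]. */
static gboolean bluez_path_element_valid(const char *s)
{
	if (!s || !*s)
		return FALSE;

	for (; *s; s++) {
		if (!g_ascii_isalnum(*s) && *s != '_')
			return FALSE;
	}
	return TRUE;
}

gchar *return_bluez_path(afb_req_t request) {
	/* … unchanged: adapter default, device lookup and NULL check … */

	/* Both values come from the request and both end up in the object path */
	if (!bluez_path_element_valid(adapter) || !bluez_path_element_valid(device)) {
		afb_req_fail(request, "failed", "Invalid adapter or device parameter");
		return NULL;
	}

	return g_strconcat("/org/bluez/", adapter, "/", device, NULL);
}
```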