projects
/
project
/
uci.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
some more input validation
[project/uci.git]
/
util.c
diff --git
a/util.c
b/util.c
index
8542359
..
3358cdf
100644
(file)
--- a/
util.c
+++ b/
util.c
@@
-101,6
+101,16
@@
static inline bool uci_validate_name(const char *str)
return uci_validate_str(str, true);
}
return uci_validate_str(str, true);
}
+static inline bool uci_validate_text(const char *str)
+{
+ while (*str) {
+ if ((*str == '\r') || (*str == '\n') ||
+ ((*str < 32) && (*str != '\t')))
+ return false;
+ }
+ return true;
+}
+
static void uci_alloc_parse_context(struct uci_context *ctx)
{
ctx->pctx = (struct uci_parse_context *) uci_malloc(ctx, sizeof(struct uci_parse_context));
static void uci_alloc_parse_context(struct uci_context *ctx)
{
ctx->pctx = (struct uci_parse_context *) uci_malloc(ctx, sizeof(struct uci_parse_context));
@@
-124,6
+134,8
@@
int uci_parse_tuple(struct uci_context *ctx, char *str, char **package, char **s
goto error;
*section = strsep(&str, ".");
goto error;
*section = strsep(&str, ".");
+ *option = NULL;
+ *value = NULL;
if (!*section)
goto lastval;
if (!*section)
goto lastval;
@@
-145,6
+157,8
@@
lastval:
goto error;
if (*option && !uci_validate_name(*option))
goto error;
goto error;
if (*option && !uci_validate_name(*option))
goto error;
+ if (*value && !uci_validate_text(*value))
+ goto error;
goto done;
goto done;