hotplug: add extra validation for commands

[project/procd.git] / hotplug-rule.c

diff --git a/hotplug-rule.c b/hotplug-rule.c
index a2d8892..b157fcd 100644 (file)
--- a/hotplug-rule.c
+++ b/hotplug-rule.c
@@ -306,7 +306,8 @@ static int rule_process_expr(struct blob_attr *cur, struct blob_attr *msg)
        bool found;
        int ret;
 
-       if (blobmsg_type(cur) != BLOBMSG_TYPE_ARRAY) {
+       if (blobmsg_type(cur) != BLOBMSG_TYPE_ARRAY ||
+           blobmsg_type(blobmsg_data(cur)) != BLOBMSG_TYPE_STRING) {
                rule_error(cur, "Unexpected element type");
                return -1;
        }
@@ -379,6 +380,11 @@ static int cmd_process_strings(struct blob_attr *attr, struct blob_attr *msg)
                if (args++ < 0)
                        continue;
 
+               if (blobmsg_type(cur) != BLOBMSG_TYPE_STRING) {
+                       rule_error(attr, "Invalid argument in command");
+                       return -1;
+               }
+
                cmd_add_string(blobmsg_data(cur), msg);
        }
 
@@ -393,12 +399,21 @@ static int __rule_process_cmd(struct blob_attr *cur, struct blob_attr *msg)
        bool found;
        int ret;
 
+       if (blobmsg_type(cur) != BLOBMSG_TYPE_ARRAY ||
+           blobmsg_type(blobmsg_data(cur)) != BLOBMSG_TYPE_STRING) {
+               rule_error(cur, "Unexpected element type");
+               return -1;
+       }
+
        ret = __rule_process_type(cur, msg, cmd, ARRAY_SIZE(cmd), &found);
        if (found)
                return ret;
 
        name = blobmsg_data(blobmsg_data(cur));
-       cmd_process_strings(cur, msg);
+       ret = cmd_process_strings(cur, msg);
+       if (ret)
+               return ret;
+
        rule_handle_command(name, blob_data(b.head));
 
        return 0;