stkagent: Sanitize any output from the agent

2012-08-28 15:32:41 +02:00 · 2012-08-28 15:32:41 +02:00 · ce79121d27
parent af9951d5d0
commit ce79121d27
1 changed files with 53 additions and 3 deletions
--- a/src/stkagent.c
+++ b/src/stkagent.c
@ -59,6 +59,9 @@ struct stk_agent {
 	DBusPendingCall *call;
 	void *user_cb;
 	void *user_data;
+	int min_length;
+	int max_length;
+	ofono_bool_t hidden_entry;
 	ofono_destroy_func user_destroy;

 	const struct stk_menu *request_selection_menu;
@ -539,14 +542,24 @@ static void get_digit_cb(DBusPendingCall *call, void *data)

 	if (dbus_message_get_args(reply, NULL,
 					DBUS_TYPE_STRING, &digit,
-					DBUS_TYPE_INVALID) == FALSE ||
-			strlen(digit) != 1 ||
-			!valid_phone_number_format(digit)) {
+					DBUS_TYPE_INVALID) == FALSE) {
 		ofono_error("Can't parse the reply to GetDigit()");
 		remove_agent = TRUE;
 		goto error;
 	}

+	if (strlen(digit) != 1 || !strspn(digit, "0123456789*#+")) {
+		ofono_error("Invalid character");
+		remove_agent = TRUE;
+		goto error;
+	}
+
+	if (agent->hidden_entry && digit[0] == '+') {
+		ofono_error("The character + is not allowed in this mode");
+		remove_agent = TRUE;
+		goto error;
+	}
+
 	cb(result, digit, agent->user_data);

 	CALLBACK_END();
@ -578,6 +591,7 @@ int stk_agent_request_digit(struct stk_agent *agent, const char *text,
 	agent->user_cb = cb;
 	agent->user_data = user_data;
 	agent->user_destroy = destroy;
+	agent->hidden_entry = FALSE;

 	dbus_pending_call_set_notify(agent->call, get_digit_cb, agent, NULL);

@ -610,6 +624,7 @@ int stk_agent_request_quick_digit(struct stk_agent *agent, const char *text,
 	agent->user_cb = cb;
 	agent->user_data = user_data;
 	agent->user_destroy = destroy;
+	agent->hidden_entry = TRUE;

 	dbus_pending_call_set_notify(agent->call, get_digit_cb, agent, NULL);

@ -692,6 +707,7 @@ static void get_digits_cb(DBusPendingCall *call, void *data)
 	enum stk_agent_result result;
 	gboolean remove_agent;
 	char *string;
+	int len, span;

 	if (check_error(agent, reply,
 			ALLOWED_ERROR_GO_BACK | ALLOWED_ERROR_TERMINATE,
@ -713,6 +729,25 @@ static void get_digits_cb(DBusPendingCall *call, void *data)
 		goto error;
 	}

+	len = strlen(string);
+
+	if (len < agent->min_length || len > agent->max_length) {
+		ofono_error("Length not acceptable");
+		remove_agent = TRUE;
+		goto error;
+	}
+
+	if (agent->hidden_entry)
+		span = strspn(string, "0123456789*#");
+	else
+		span = strspn(string, "0123456789*#+");
+
+	if (span != len) {
+		ofono_error("Invalid character found");
+		remove_agent = TRUE;
+		goto error;
+	}
+
 	cb(result, string, agent->user_data);

 	CALLBACK_END();
@ -756,6 +791,9 @@ int stk_agent_request_digits(struct stk_agent *agent, const char *text,
 	agent->user_cb = cb;
 	agent->user_data = user_data;
 	agent->user_destroy = destroy;
+	agent->min_length = min_val;
+	agent->max_length = max_val;
+	agent->hidden_entry = hidden_val;

 	dbus_pending_call_set_notify(agent->call, get_digits_cb, agent, NULL);

@ -770,6 +808,7 @@ static void get_input_cb(DBusPendingCall *call, void *data)
 	enum stk_agent_result result;
 	gboolean remove_agent;
 	char *string;
+	int len;

 	if (check_error(agent, reply,
 			ALLOWED_ERROR_GO_BACK | ALLOWED_ERROR_TERMINATE,
@ -791,6 +830,14 @@ static void get_input_cb(DBusPendingCall *call, void *data)
 		goto error;
 	}

+	len = g_utf8_strlen(string, -1);
+
+	if (len < agent->min_length || len > agent->max_length) {
+		ofono_error("Length not acceptable");
+		remove_agent = TRUE;
+		goto error;
+	}
+
 	cb(result, string, agent->user_data);

 	CALLBACK_END();
@ -835,6 +882,9 @@ int stk_agent_request_input(struct stk_agent *agent, const char *text,
 	agent->user_cb = cb;
 	agent->user_data = user_data;
 	agent->user_destroy = destroy;
+	agent->min_length = min_val;
+	agent->max_length = max_val;
+	agent->hidden_entry = hidden_val;

 	dbus_pending_call_set_notify(agent->call, get_input_cb, agent, NULL);