mirror of git://git.sysmocom.de/ofono
stkagent: Sanitize any output from the agent
parent
af9951d5d0
commit
ce79121d27
|
@ -59,6 +59,9 @@ struct stk_agent {
|
||||||
DBusPendingCall *call;
|
DBusPendingCall *call;
|
||||||
void *user_cb;
|
void *user_cb;
|
||||||
void *user_data;
|
void *user_data;
|
||||||
|
int min_length;
|
||||||
|
int max_length;
|
||||||
|
ofono_bool_t hidden_entry;
|
||||||
ofono_destroy_func user_destroy;
|
ofono_destroy_func user_destroy;
|
||||||
|
|
||||||
const struct stk_menu *request_selection_menu;
|
const struct stk_menu *request_selection_menu;
|
||||||
|
@ -539,14 +542,24 @@ static void get_digit_cb(DBusPendingCall *call, void *data)
|
||||||
|
|
||||||
if (dbus_message_get_args(reply, NULL,
|
if (dbus_message_get_args(reply, NULL,
|
||||||
DBUS_TYPE_STRING, &digit,
|
DBUS_TYPE_STRING, &digit,
|
||||||
DBUS_TYPE_INVALID) == FALSE ||
|
DBUS_TYPE_INVALID) == FALSE) {
|
||||||
strlen(digit) != 1 ||
|
|
||||||
!valid_phone_number_format(digit)) {
|
|
||||||
ofono_error("Can't parse the reply to GetDigit()");
|
ofono_error("Can't parse the reply to GetDigit()");
|
||||||
remove_agent = TRUE;
|
remove_agent = TRUE;
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strlen(digit) != 1 || !strspn(digit, "0123456789*#+")) {
|
||||||
|
ofono_error("Invalid character");
|
||||||
|
remove_agent = TRUE;
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (agent->hidden_entry && digit[0] == '+') {
|
||||||
|
ofono_error("The character + is not allowed in this mode");
|
||||||
|
remove_agent = TRUE;
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
cb(result, digit, agent->user_data);
|
cb(result, digit, agent->user_data);
|
||||||
|
|
||||||
CALLBACK_END();
|
CALLBACK_END();
|
||||||
|
@ -578,6 +591,7 @@ int stk_agent_request_digit(struct stk_agent *agent, const char *text,
|
||||||
agent->user_cb = cb;
|
agent->user_cb = cb;
|
||||||
agent->user_data = user_data;
|
agent->user_data = user_data;
|
||||||
agent->user_destroy = destroy;
|
agent->user_destroy = destroy;
|
||||||
|
agent->hidden_entry = FALSE;
|
||||||
|
|
||||||
dbus_pending_call_set_notify(agent->call, get_digit_cb, agent, NULL);
|
dbus_pending_call_set_notify(agent->call, get_digit_cb, agent, NULL);
|
||||||
|
|
||||||
|
@ -610,6 +624,7 @@ int stk_agent_request_quick_digit(struct stk_agent *agent, const char *text,
|
||||||
agent->user_cb = cb;
|
agent->user_cb = cb;
|
||||||
agent->user_data = user_data;
|
agent->user_data = user_data;
|
||||||
agent->user_destroy = destroy;
|
agent->user_destroy = destroy;
|
||||||
|
agent->hidden_entry = TRUE;
|
||||||
|
|
||||||
dbus_pending_call_set_notify(agent->call, get_digit_cb, agent, NULL);
|
dbus_pending_call_set_notify(agent->call, get_digit_cb, agent, NULL);
|
||||||
|
|
||||||
|
@ -692,6 +707,7 @@ static void get_digits_cb(DBusPendingCall *call, void *data)
|
||||||
enum stk_agent_result result;
|
enum stk_agent_result result;
|
||||||
gboolean remove_agent;
|
gboolean remove_agent;
|
||||||
char *string;
|
char *string;
|
||||||
|
int len, span;
|
||||||
|
|
||||||
if (check_error(agent, reply,
|
if (check_error(agent, reply,
|
||||||
ALLOWED_ERROR_GO_BACK | ALLOWED_ERROR_TERMINATE,
|
ALLOWED_ERROR_GO_BACK | ALLOWED_ERROR_TERMINATE,
|
||||||
|
@ -713,6 +729,25 @@ static void get_digits_cb(DBusPendingCall *call, void *data)
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
len = strlen(string);
|
||||||
|
|
||||||
|
if (len < agent->min_length || len > agent->max_length) {
|
||||||
|
ofono_error("Length not acceptable");
|
||||||
|
remove_agent = TRUE;
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (agent->hidden_entry)
|
||||||
|
span = strspn(string, "0123456789*#");
|
||||||
|
else
|
||||||
|
span = strspn(string, "0123456789*#+");
|
||||||
|
|
||||||
|
if (span != len) {
|
||||||
|
ofono_error("Invalid character found");
|
||||||
|
remove_agent = TRUE;
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
cb(result, string, agent->user_data);
|
cb(result, string, agent->user_data);
|
||||||
|
|
||||||
CALLBACK_END();
|
CALLBACK_END();
|
||||||
|
@ -756,6 +791,9 @@ int stk_agent_request_digits(struct stk_agent *agent, const char *text,
|
||||||
agent->user_cb = cb;
|
agent->user_cb = cb;
|
||||||
agent->user_data = user_data;
|
agent->user_data = user_data;
|
||||||
agent->user_destroy = destroy;
|
agent->user_destroy = destroy;
|
||||||
|
agent->min_length = min_val;
|
||||||
|
agent->max_length = max_val;
|
||||||
|
agent->hidden_entry = hidden_val;
|
||||||
|
|
||||||
dbus_pending_call_set_notify(agent->call, get_digits_cb, agent, NULL);
|
dbus_pending_call_set_notify(agent->call, get_digits_cb, agent, NULL);
|
||||||
|
|
||||||
|
@ -770,6 +808,7 @@ static void get_input_cb(DBusPendingCall *call, void *data)
|
||||||
enum stk_agent_result result;
|
enum stk_agent_result result;
|
||||||
gboolean remove_agent;
|
gboolean remove_agent;
|
||||||
char *string;
|
char *string;
|
||||||
|
int len;
|
||||||
|
|
||||||
if (check_error(agent, reply,
|
if (check_error(agent, reply,
|
||||||
ALLOWED_ERROR_GO_BACK | ALLOWED_ERROR_TERMINATE,
|
ALLOWED_ERROR_GO_BACK | ALLOWED_ERROR_TERMINATE,
|
||||||
|
@ -791,6 +830,14 @@ static void get_input_cb(DBusPendingCall *call, void *data)
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
len = g_utf8_strlen(string, -1);
|
||||||
|
|
||||||
|
if (len < agent->min_length || len > agent->max_length) {
|
||||||
|
ofono_error("Length not acceptable");
|
||||||
|
remove_agent = TRUE;
|
||||||
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
cb(result, string, agent->user_data);
|
cb(result, string, agent->user_data);
|
||||||
|
|
||||||
CALLBACK_END();
|
CALLBACK_END();
|
||||||
|
@ -835,6 +882,9 @@ int stk_agent_request_input(struct stk_agent *agent, const char *text,
|
||||||
agent->user_cb = cb;
|
agent->user_cb = cb;
|
||||||
agent->user_data = user_data;
|
agent->user_data = user_data;
|
||||||
agent->user_destroy = destroy;
|
agent->user_destroy = destroy;
|
||||||
|
agent->min_length = min_val;
|
||||||
|
agent->max_length = max_val;
|
||||||
|
agent->hidden_entry = hidden_val;
|
||||||
|
|
||||||
dbus_pending_call_set_notify(agent->call, get_input_cb, agent, NULL);
|
dbus_pending_call_set_notify(agent->call, get_input_cb, agent, NULL);
|
||||||
|
|
||||||
|
|
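Review bot: The allowed-character set is spelled out three times (`"0123456789*#+"` in get_digit_cb and get_digits_cb, `"0123456789*#"` in get_digits_cb) and the `+` restriction is enforced two different ways, so the two reply validators can drift apart when the set changes. Two file-level constants (names constructed here), `static const char digits_hidden[] = "0123456789*#";` and `static const char digits_all[] = "0123456789*#+";`, would keep the agent-reply whitelist in one place. In get_digit_cb, `!strspn(digit, "0123456789*#+")` is a correct membership test only because `strlen(digit) != 1` short-circuits first; `strspn(digit, "0123456789*#+") != 1` says the same thing without depending on that order. In get_digits_cb, `int len, span;` receives `size_t` results from strlen() and strspn(), and the comparison against `min_length`/`max_length` assumes that stk_agent_request_digits was given non-negative, ordered bounds, which the lines shown do not check. All of these functions begin and end outside the hunks shown, so the `error:` path taken on rejection is not visible here.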