diff options
author | Martin Schanzenbach <schanzen@gnunet.org> | 2022-03-15 08:42:42 +0100 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2022-03-15 08:42:42 +0100 |
commit | cfd3db44a82330272752ab3da08f1823c9867652 (patch) | |
tree | 1ee581fcb185407b513828e796d4e7441e608c11 | |
parent | aa033d45165394bde735dcd19495fd420f5cd963 (diff) | |
download | gnunet-cfd3db44a82330272752ab3da08f1823c9867652.tar.gz gnunet-cfd3db44a82330272752ab3da08f1823c9867652.zip |
NAMESTORE: Prevent storing records under invalid labels
-rw-r--r-- | src/gnsrecord/gnsrecord_misc.c | 16 | ||||
-rw-r--r-- | src/include/gnunet_gnsrecord_lib.h | 10 | ||||
-rw-r--r-- | src/namestore/gnunet-namestore.c | 9 | ||||
-rw-r--r-- | src/namestore/gnunet-service-namestore.c | 38 |
4 files changed, 54 insertions, 19 deletions
diff --git a/src/gnsrecord/gnsrecord_misc.c b/src/gnsrecord/gnsrecord_misc.c index 3298168f4..54d8fb860 100644 --- a/src/gnsrecord/gnsrecord_misc.c +++ b/src/gnsrecord/gnsrecord_misc.c | |||
@@ -44,6 +44,22 @@ GNUNET_GNSRECORD_string_normalize (const char *src) | |||
44 | return GNUNET_STRINGS_utf8_normalize (src); | 44 | return GNUNET_STRINGS_utf8_normalize (src); |
45 | } | 45 | } |
46 | 46 | ||
47 | enum GNUNET_GenericReturnValue | ||
48 | GNUNET_GNSRECORD_label_check (const char*label, char **emsg) | ||
49 | { | ||
50 | if (NULL == label) | ||
51 | { | ||
52 | *emsg = GNUNET_strdup (_ ("Label is NULL which is not allowed\n")); | ||
53 | return GNUNET_NO; | ||
54 | } | ||
55 | if (0 != strchr (label, '.')) | ||
56 | { | ||
57 | *emsg = GNUNET_strdup (_ ("Label contains `.' which is not allowed\n")); | ||
58 | return GNUNET_NO; | ||
59 | } | ||
60 | return GNUNET_OK; | ||
61 | } | ||
62 | |||
47 | /** | 63 | /** |
48 | * Convert a zone key to a string (for printing debug messages). | 64 | * Convert a zone key to a string (for printing debug messages). |
49 | * This is one of the very few calls in the entire API that is | 65 | * This is one of the very few calls in the entire API that is |
diff --git a/src/include/gnunet_gnsrecord_lib.h b/src/include/gnunet_gnsrecord_lib.h index 590d83476..51dd5972d 100644 --- a/src/include/gnunet_gnsrecord_lib.h +++ b/src/include/gnunet_gnsrecord_lib.h | |||
@@ -761,6 +761,16 @@ GNUNET_GNSRECORD_convert_records_for_export (const char *label, | |||
761 | struct GNUNET_TIME_Absolute *expiry, | 761 | struct GNUNET_TIME_Absolute *expiry, |
762 | char **emsg); | 762 | char **emsg); |
763 | 763 | ||
764 | /** | ||
765 | * Check label for invalid characters. | ||
766 | * | ||
767 | * @param label the label to check | ||
768 | * @param emsg an error message (NULL if label is valid). Will be allocated. | ||
769 | * @return GNUNET_OK if label is valid. | ||
770 | */ | ||
771 | enum GNUNET_GenericReturnValue | ||
772 | GNUNET_GNSRECORD_label_check (const char*label, char **emsg); | ||
773 | |||
764 | #if 0 /* keep Emacsens' auto-indent happy */ | 774 | #if 0 /* keep Emacsens' auto-indent happy */ |
765 | { | 775 | { |
766 | #endif | 776 | #endif |
diff --git a/src/namestore/gnunet-namestore.c b/src/namestore/gnunet-namestore.c index dd24e9b05..af40f2dbe 100644 --- a/src/namestore/gnunet-namestore.c +++ b/src/namestore/gnunet-namestore.c | |||
@@ -1236,15 +1236,6 @@ identity_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego) | |||
1236 | const struct GNUNET_CONFIGURATION_Handle *cfg = cls; | 1236 | const struct GNUNET_CONFIGURATION_Handle *cfg = cls; |
1237 | 1237 | ||
1238 | el = NULL; | 1238 | el = NULL; |
1239 | if ((NULL != name) && (0 != strchr (name, '.'))) | ||
1240 | { | ||
1241 | fprintf (stderr, | ||
1242 | _ ("Label `%s' contains `.' which is not allowed\n"), | ||
1243 | name); | ||
1244 | GNUNET_SCHEDULER_shutdown (); | ||
1245 | ret = -1; | ||
1246 | return; | ||
1247 | } | ||
1248 | 1239 | ||
1249 | if (NULL == ego) | 1240 | if (NULL == ego) |
1250 | { | 1241 | { |
diff --git a/src/namestore/gnunet-service-namestore.c b/src/namestore/gnunet-service-namestore.c index 6c6f5f4b6..2a3a006e8 100644 --- a/src/namestore/gnunet-service-namestore.c +++ b/src/namestore/gnunet-service-namestore.c | |||
@@ -1543,25 +1543,43 @@ handle_record_store (void *cls, const struct RecordStoreMessage *rp_msg) | |||
1543 | rd_ser = &name_tmp[name_len]; | 1543 | rd_ser = &name_tmp[name_len]; |
1544 | { | 1544 | { |
1545 | struct GNUNET_GNSRECORD_Data rd[GNUNET_NZL (rd_count)]; | 1545 | struct GNUNET_GNSRECORD_Data rd[GNUNET_NZL (rd_count)]; |
1546 | 1546 | char *emsg; | |
1547 | if (GNUNET_OK != | ||
1548 | GNUNET_GNSRECORD_records_deserialize (rd_ser_len, rd_ser, rd_count, rd)) | ||
1549 | { | ||
1550 | GNUNET_break (0); | ||
1551 | GNUNET_SERVICE_client_drop (nc->client); | ||
1552 | return; | ||
1553 | } | ||
1554 | 1547 | ||
1555 | /* Extracting and converting private key */ | 1548 | /* Extracting and converting private key */ |
1556 | conv_name = GNUNET_GNSRECORD_string_normalize (name_tmp); | 1549 | conv_name = GNUNET_GNSRECORD_string_normalize (name_tmp); |
1557 | if (NULL == conv_name) | 1550 | if (NULL == conv_name) |
1558 | { | 1551 | { |
1559 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 1552 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
1560 | "Error converting name `%s'\n", | 1553 | "Error normalizing name `%s'\n", |
1561 | name_tmp); | 1554 | name_tmp); |
1562 | GNUNET_SERVICE_client_drop (nc->client); | 1555 | send_store_response (nc, GNUNET_SYSERR, _("Error normalizing name."), rid); |
1556 | GNUNET_SERVICE_client_continue (nc->client); | ||
1557 | return; | ||
1558 | } | ||
1559 | |||
1560 | /* Check name for validity */ | ||
1561 | if (GNUNET_OK != GNUNET_GNSRECORD_label_check (conv_name, &emsg)) | ||
1562 | { | ||
1563 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
1564 | "Label invalid: `%s'\n", | ||
1565 | emsg); | ||
1566 | send_store_response (nc, GNUNET_SYSERR, emsg, rid); | ||
1567 | GNUNET_free (emsg); | ||
1568 | GNUNET_free (conv_name); | ||
1569 | GNUNET_SERVICE_client_continue (nc->client); | ||
1570 | return; | ||
1571 | } | ||
1572 | |||
1573 | if (GNUNET_OK != | ||
1574 | GNUNET_GNSRECORD_records_deserialize (rd_ser_len, rd_ser, rd_count, rd)) | ||
1575 | { | ||
1576 | send_store_response (nc, GNUNET_SYSERR, | ||
1577 | _("Error deserializing records."), rid); | ||
1578 | GNUNET_free (conv_name); | ||
1579 | GNUNET_SERVICE_client_continue (nc->client); | ||
1563 | return; | 1580 | return; |
1564 | } | 1581 | } |
1582 | |||
1565 | GNUNET_STATISTICS_update (statistics, | 1583 | GNUNET_STATISTICS_update (statistics, |
1566 | "Well-formed store requests received", | 1584 | "Well-formed store requests received", |
1567 | 1, | 1585 | 1, |