Browse code

xcap_server: check xml document validity for db interaction

- check if xcap doc is xml valid before inserting in db as well as when
retrieving from db
- better safety check for retrieval of etag value from database record
- reported and intial patch by Laura Testi

Daniel-Constantin Mierla authored on 13/09/2011 16:56:54
Showing 3 changed files
... ...
@@ -665,6 +665,26 @@ error:
665 665
 }
666 666
 
667 667
 /**
668
+ * check if provided XML doc is valid
669
+ * - return -1 if document is invalid or 0 if document is valid
670
+ */
671
+int xcaps_check_doc_validity(str *doc)
672
+{
673
+
674
+	xmlDocPtr docxml = NULL;
675
+
676
+	if(doc==NULL || doc->s==NULL || doc->len<0)
677
+		return -1;
678
+
679
+	docxml = xmlParseMemory(doc->s, doc->len);
680
+	if(docxml==NULL)
681
+		return -1;
682
+	xmlFreeDoc(docxml);
683
+	return 0;
684
+}
685
+
686
+
687
+/**
668 688
  * xcapuri PV export
669 689
  */
670 690
 typedef struct _pv_xcap_uri {
... ...
@@ -53,6 +53,7 @@ typedef struct xcap_uri {
53 53
 int xcap_parse_uri(str *huri, str *xroot, xcap_uri_t *xuri);
54 54
 int xcaps_xpath_set(str *inbuf, str *xpaths, str *val, str *outbuf);
55 55
 int xcaps_xpath_get(str *inbuf, str *xpaths, str *outbuf);
56
+int xcaps_check_doc_validity(str *doc);
56 57
 
57 58
 int pv_get_xcap_uri(struct sip_msg *msg,  pv_param_t *param,
58 59
 		pv_value_t *res);
... ...
@@ -335,6 +335,11 @@ static int xcaps_put_db(str* user, str *domain, xcap_uri_t *xuri, str *etag,
335 335
 	db_val_t qvals[9];
336 336
 	int ncols = 0;
337 337
 
338
+	if(xcaps_check_doc_validity(doc)<0)
339
+	{
340
+		LM_ERR("invalid xml doc to insert in database\n");
341
+		goto error;
342
+	}
338 343
 
339 344
 	/* insert in xcap table*/
340 345
 	qcols[ncols] = &str_username_col;
... ...
@@ -680,6 +685,12 @@ static int xcaps_get_db_doc(str* user, str *domain, xcap_uri_t *xuri, str *doc)
680 680
 	memcpy(doc->s, s.s, s.len);
681 681
 	doc->s[doc->len] = '\0';
682 682
 
683
+	if(xcaps_check_doc_validity(doc)<0)
684
+	{
685
+		LM_ERR("invalid xml doc retrieved from database\n");
686
+		goto error;
687
+	}
688
+
683 689
 	xcaps_dbf.free_result(xcaps_db, db_res);
684 690
 	return 0;
685 691
 
... ...
@@ -694,6 +705,8 @@ error:
694 694
 }
695 695
 
696 696
 /**
697
+ * get the etag from database record for (user@domain, xuri)
698
+ * - return: -1 error; 0 - found; 1 - not found
697 699
  *
698 700
  */
699 701
 static int xcaps_get_db_etag(str* user, str *domain, xcap_uri_t *xuri, str *etag)
... ...
@@ -970,9 +983,9 @@ static int w_xcaps_del(sip_msg_t* msg, char* puri, char* ppath)
970 970
 	str uri;
971 971
 	str path;
972 972
 	xcap_uri_t xuri;
973
-	str body;
974
-	str etag_hdr;
975
-	str etag;
973
+	str body = {0, 0};
974
+	str etag_hdr = {0, 0};
975
+	str etag = {0, 0};
976 976
 	str tbuf;
977 977
 
978 978
 	if(puri==0 || ppath==0)
... ...
@@ -1016,7 +1029,7 @@ static int w_xcaps_del(sip_msg_t* msg, char* puri, char* ppath)
1016 1016
 		goto error;
1017 1017
 	}
1018 1018
 
1019
-	if(xcaps_get_db_etag(&turi.user, &turi.host, &xuri, &etag)<0)
1019
+	if(xcaps_get_db_etag(&turi.user, &turi.host, &xuri, &etag)!=0)
1020 1020
 	{ 
1021 1021
 		LM_ERR("could not fetch etag for xcap document\n");
1022 1022
 		goto error;