Browse code

secfilter: changed char* by str in RPC function params to avoid memory problems

Jose Luis Verdeguer authored on 07/01/2019 10:34:42
Showing 1 changed files
... ...
@@ -30,25 +30,27 @@
30 30
 /* RPC commands */
31 31
 
32 32
 
33
-static int get_type(char *ctype)
33
+static int get_type(str ctype)
34 34
 {
35 35
 	int type;
36
+	
37
+	if (ctype.len > 64) ctype.len = 64;
36 38
 
37
-	if(!strcmp(ctype, "ua")) {
39
+	if(!strncmp(ctype.s, "ua", ctype.len)) {
38 40
 		type = 0;
39
-	} else if(!strcmp(ctype, "country")) {
41
+	} else if(!strncmp(ctype.s, "country", ctype.len)) {
40 42
 		type = 1;
41
-	} else if(!strcmp(ctype, "domain")) {
43
+	} else if(!strncmp(ctype.s, "domain", ctype.len)) {
42 44
 		type = 2;
43
-	} else if(!strcmp(ctype, "ip")) {
45
+	} else if(!strncmp(ctype.s, "ip", ctype.len)) {
44 46
 		type = 3;
45
-	} else if(!strcmp(ctype, "user")) {
47
+	} else if(!strncmp(ctype.s, "user", ctype.len)) {
46 48
 		type = 4;
47 49
 	} else {
48 50
 		LM_ERR("Invalid type\n");
49 51
 		return -1;
50 52
 	}
51
-
53
+	
52 54
 	return type;
53 55
 }
54 56
 
... ...
@@ -90,11 +92,11 @@ void secf_rpc_add_dst(rpc_t *rpc, void *ctx)
90 90
 /* Add blacklist value */
91 91
 void secf_rpc_add_bl(rpc_t *rpc, void *ctx)
92 92
 {
93
-	char *ctype = NULL;
93
+	str ctype = STR_NULL;
94 94
 	str data = STR_NULL;
95 95
 	int type;
96 96
 
97
-	if(rpc->scan(ctx, "ss", ctype, &data.s) < 2) {
97
+	if(rpc->scan(ctx, "ss", &ctype, &data) < 2) {
98 98
 		rpc->fault(ctx, 0,
99 99
 				"Invalid Parameters. Usage: secfilter.add_bl type "
100 100
 				"value\n     Example: secfilter.add_bl user "
... ...
@@ -102,12 +104,13 @@ void secf_rpc_add_bl(rpc_t *rpc, void *ctx)
102 102
 		return;
103 103
 	}
104 104
 	data.len = strlen(data.s);
105
+	ctype.len = strlen(ctype.s);
105 106
 	type = get_type(ctype);
106 107
 
107 108
 	lock_get(&secf_data->lock);
108 109
 	if(secf_append_rule(0, type, &data) == 0) {
109
-		rpc->rpl_printf(ctx, "Values (%s, %s) inserted into blacklist",
110
-				ctype, data);
110
+		rpc->rpl_printf(ctx, "Values (%.*s, %.*s) inserted into blacklist",
111
+				ctype.len, ctype.s, data.len, data.s);
111 112
 	} else {
112 113
 		rpc->rpl_printf(ctx, "Error insert values in the blacklist");
113 114
 	}
... ...
@@ -118,11 +121,11 @@ void secf_rpc_add_bl(rpc_t *rpc, void *ctx)
118 118
 /* Add whitelist value */
119 119
 void secf_rpc_add_wl(rpc_t *rpc, void *ctx)
120 120
 {
121
-	char *ctype = NULL;
121
+	str ctype = STR_NULL;
122 122
 	str data = STR_NULL;
123 123
 	int type;
124 124
 
125
-	if(rpc->scan(ctx, "ss", ctype, &data.s) < 2) {
125
+	if(rpc->scan(ctx, "ss", &ctype, &data) < 2) {
126 126
 		rpc->fault(ctx, 0,
127 127
 				"Invalid Parameters. Usage: secfilter.add_wl type "
128 128
 				"value\n     Example: secfilter.add_wl user "
... ...
@@ -130,12 +133,13 @@ void secf_rpc_add_wl(rpc_t *rpc, void *ctx)
130 130
 		return;
131 131
 	}
132 132
 	data.len = strlen(data.s);
133
+	ctype.len = strlen(ctype.s);
133 134
 	type = get_type(ctype);
134 135
 
135 136
 	lock_get(&secf_data->lock);
136 137
 	if(secf_append_rule(1, type, &data) == 0) {
137
-		rpc->rpl_printf(
138
-				ctx, "Values (%s, %s) inserted into whitelist", type, data);
138
+		rpc->rpl_printf(ctx, "Values (%.*s, %.*s) inserted into whitelist",
139
+				ctype.len, ctype.s, data.len, data.s);
139 140
 	} else {
140 141
 		rpc->rpl_printf(ctx, "Error insert values in the whitelist");
141 142
 	}
... ...
@@ -173,13 +177,15 @@ static void rpc_print_data(rpc_t *rpc, void *ctx, struct str_list *list)
173 173
 /* Print values */
174 174
 void secf_rpc_print(rpc_t *rpc, void *ctx)
175 175
 {
176
-	char *param = NULL;
176
+	str param = STR_NULL;
177 177
 	int showall = 0;
178 178
 
179
-	if(rpc->scan(ctx, "s", (char *)(&param)) < 1)
179
+	if(rpc->scan(ctx, "s", &param) < 1)
180 180
 		showall = 1;
181
+		
182
+	param.len = strlen(param.s);
181 183
 
182
-	if(!strcmp(param, "dst")) {
184
+	if(!strncmp(param.s, "dst", param.len)) {
183 185
 		rpc->rpl_printf(ctx, "");
184 186
 		rpc->rpl_printf(ctx, "Destinations");
185 187
 		rpc->rpl_printf(ctx, "============");
... ...
@@ -188,7 +194,7 @@ void secf_rpc_print(rpc_t *rpc, void *ctx)
188 188
 		rpc_print_data(rpc, ctx, secf_data->bl.dst);
189 189
 	}
190 190
 
191
-	if(showall == 1 || !strcmp(param, "ua")) {
191
+	if(showall == 1 || !strncmp(param.s, "ua", param.len)) {
192 192
 		rpc->rpl_printf(ctx, "");
193 193
 		rpc->rpl_printf(ctx, "User-agent");
194 194
 		rpc->rpl_printf(ctx, "==========");
... ...
@@ -201,7 +207,7 @@ void secf_rpc_print(rpc_t *rpc, void *ctx)
201 201
 		rpc_print_data(rpc, ctx, secf_data->wl.ua);
202 202
 	}
203 203
 
204
-	if(showall == 1 || !strcmp(param, "country")) {
204
+	if(showall == 1 || !strncmp(param.s, "country", param.len)) {
205 205
 		rpc->rpl_printf(ctx, "");
206 206
 		rpc->rpl_printf(ctx, "Country");
207 207
 		rpc->rpl_printf(ctx, "=======");
... ...
@@ -214,7 +220,7 @@ void secf_rpc_print(rpc_t *rpc, void *ctx)
214 214
 		rpc_print_data(rpc, ctx, secf_data->wl.country);
215 215
 	}
216 216
 
217
-	if(showall == 1 || !strcmp(param, "domain")) {
217
+	if(showall == 1 || !strncmp(param.s, "domain", param.len)) {
218 218
 		rpc->rpl_printf(ctx, "");
219 219
 		rpc->rpl_printf(ctx, "Domain");
220 220
 		rpc->rpl_printf(ctx, "======");
... ...
@@ -227,7 +233,7 @@ void secf_rpc_print(rpc_t *rpc, void *ctx)
227 227
 		rpc_print_data(rpc, ctx, secf_data->wl.domain);
228 228
 	}
229 229
 
230
-	if(showall == 1 || !strcmp(param, "ip")) {
230
+	if(showall == 1 || !strncmp(param.s, "ip", param.len)) {
231 231
 		rpc->rpl_printf(ctx, "");
232 232
 		rpc->rpl_printf(ctx, "IP Address");
233 233
 		rpc->rpl_printf(ctx, "==========");
... ...
@@ -240,7 +246,7 @@ void secf_rpc_print(rpc_t *rpc, void *ctx)
240 240
 		rpc_print_data(rpc, ctx, secf_data->wl.ip);
241 241
 	}
242 242
 
243
-	if(showall == 1 || !strcmp(param, "user")) {
243
+	if(showall == 1 || !strncmp(param.s, "user", param.len)) {
244 244
 		rpc->rpl_printf(ctx, "");
245 245
 		rpc->rpl_printf(ctx, "User");
246 246
 		rpc->rpl_printf(ctx, "====");