diff options
author | AppaRao Puli <apparao.puli@linux.intel.com> | 2021-10-07 00:51:16 +0300 |
---|---|---|
committer | Ed Tanous <edtanous@google.com> | 2023-06-01 22:42:45 +0300 |
commit | 600af5f1ee6f3a589d5c1a7be31579ca705eef71 (patch) | |
tree | 0c1bd7bf285a4d9cd78e58890efdb95254183f67 /redfish-core/src | |
parent | 75ec825c9aa030568fc97b47dd34fee5c9405d73 (diff) | |
download | bmcweb-600af5f1ee6f3a589d5c1a7be31579ca705eef71.tar.xz |
Input parameter validation for Event Subscription
User input must be validated to avoid the out-of-memory issue. This
commit adds the size check on input parameters such as Context,
Destination and Header field while create or update the
EventDestination.
Added a generic error message "PropertySizeExceeded" in message registry
which is used as response when size limit is exceeded.
Tested
- Validated using POST on Event Subscription.
- When Context, Destination and Headers were too long,
received a error message denoting the same.
Change-Id: Ibab847ce0c99f445a76e6d3aee8074428bb7d30f
Signed-off-by: AppaRao Puli <apparao.puli@intel.com>
Signed-off-by: Ayushi Smriti <smriti.ayushi@intel.com>
Signed-off-by: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Diffstat (limited to 'redfish-core/src')
-rw-r--r-- | redfish-core/src/error_messages.cpp | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/redfish-core/src/error_messages.cpp b/redfish-core/src/error_messages.cpp index e3fb74bdba..33f5d70c05 100644 --- a/redfish-core/src/error_messages.cpp +++ b/redfish-core/src/error_messages.cpp @@ -1769,6 +1769,48 @@ void operationNotAllowed(crow::Response& res) addMessageToErrorJson(res.jsonValue, operationNotAllowed()); } +/** + * @internal + * @brief Formats ArraySizeTooLong message into JSON + * + * See header file for more information + * @endinternal + */ +nlohmann::json arraySizeTooLong(std::string_view property, uint64_t length) +{ + std::string valStr = std::to_string(length); + return getLog(redfish::registries::base::Index::arraySizeTooLong, + std::to_array<std::string_view>({property, valStr})); +} + +void arraySizeTooLong(crow::Response& res, std::string_view property, + uint64_t length) +{ + res.result(boost::beast::http::status::method_not_allowed); + addMessageToErrorJson(res.jsonValue, arraySizeTooLong(property, length)); +} + +/** + * @internal + * @brief Formats StringValueTooLong message into JSON + * + * See header file for more information + * @endinternal + */ +nlohmann::json stringValueTooLong(std::string_view property, uint64_t length) +{ + std::string valStr = std::to_string(length); + return getLog(redfish::registries::base::Index::stringValueTooLong, + std::to_array<std::string_view>({property, valStr})); +} + +void stringValueTooLong(crow::Response& res, std::string_view property, + uint64_t length) +{ + res.result(boost::beast::http::status::method_not_allowed); + addMessageToErrorJson(res.jsonValue, stringValueTooLong(property, length)); +} + void invalidUpload(crow::Response& res, std::string_view arg1, std::string_view arg2) { |