From c66c859cea4c495c788b6f1d650a0ba165c686b3 Mon Sep 17 00:00:00 2001 From: Adriana Kobylak Date: Tue, 6 Aug 2019 15:08:05 -0500 Subject: openbmc_dbus_rest: Add numeric_limits range check Add a range check for numerical values so that they are not truncated. Tested: :: - bool: RebootPolicy: AutoReboot Valid: 0, 1 Invalid: null, -1, 2 - int64_t: Ambient Temp Sensor: WarningHigh Valid: -9223372036854775808, -1, 2500, 9223372036854775807 Invalid: null, -9223372036854775809 - uint8_t: Software: Priority Valid: 0, 1, 255 Invalid: null, -1, 256 - uint16_t: LED Physical: Period Valid: 0, 1000, 65535 Invalid: null, -1, 65536 - uint32_t: State PowerOnHours: POHCounter Valid: 0, 20, 4294967295 Invalid: -1, 4294967296 - uint64_t: State BMC: LastRebootTime Valid: 0, 1566402464000, 18446744073709551615 Invalid: -1, 18446744073709551616 Closes: openbmc/bmcweb#101 Change-Id: I652333b0042b28ffb0a47b478d1a0a6e7ec994a7 Signed-off-by: Adriana Kobylak --- include/openbmc_dbus_rest.hpp | 71 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 68 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/openbmc_dbus_rest.hpp b/include/openbmc_dbus_rest.hpp index 5b9b7382d2..7839e65b99 100644 --- a/include/openbmc_dbus_rest.hpp +++ b/include/openbmc_dbus_rest.hpp @@ -577,6 +577,11 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, { return -1; } + if ((*intValue < std::numeric_limits::lowest()) || + (*intValue > std::numeric_limits::max())) + { + return -ERANGE; + } int32_t i = static_cast(*intValue); r = sd_bus_message_append_basic(m, argCode[0], &i); if (r < 0) @@ -590,7 +595,18 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, int boolInt = false; if (intValue != nullptr) { - boolInt = *intValue > 0 ? 1 : 0; + if (*intValue == 1) + { + boolInt = true; + } + else if (*intValue == 0) + { + boolInt = false; + } + else + { + return -ERANGE; + } } else if (b != nullptr) { @@ -616,6 +632,11 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, { return -1; } + if ((*intValue < std::numeric_limits::lowest()) || + (*intValue > std::numeric_limits::max())) + { + return -ERANGE; + } int16_t n = static_cast(*intValue); r = sd_bus_message_append_basic(m, argCode[0], &n); if (r < 0) @@ -629,6 +650,11 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, { return -1; } + if ((*intValue < std::numeric_limits::lowest()) || + (*intValue > std::numeric_limits::max())) + { + return -ERANGE; + } r = sd_bus_message_append_basic(m, argCode[0], intValue); if (r < 0) { @@ -641,6 +667,11 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, { return -1; } + if ((*uintValue < std::numeric_limits::lowest()) || + (*uintValue > std::numeric_limits::max())) + { + return -ERANGE; + } uint8_t y = static_cast(*uintValue); r = sd_bus_message_append_basic(m, argCode[0], &y); } @@ -650,6 +681,11 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, { return -1; } + if ((*uintValue < std::numeric_limits::lowest()) || + (*uintValue > std::numeric_limits::max())) + { + return -ERANGE; + } uint16_t q = static_cast(*uintValue); r = sd_bus_message_append_basic(m, argCode[0], &q); } @@ -659,6 +695,11 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, { return -1; } + if ((*uintValue < std::numeric_limits::lowest()) || + (*uintValue > std::numeric_limits::max())) + { + return -ERANGE; + } uint32_t u = static_cast(*uintValue); r = sd_bus_message_append_basic(m, argCode[0], &u); } @@ -668,10 +709,24 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, { return -1; } + if ((*uintValue < std::numeric_limits::lowest()) || + (*uintValue > std::numeric_limits::max())) + { + return -ERANGE; + } r = sd_bus_message_append_basic(m, argCode[0], uintValue); } else if (argCode == "d") { + if (doubleValue == nullptr) + { + return -1; + } + if ((*doubleValue < std::numeric_limits::lowest()) || + (*doubleValue > std::numeric_limits::max())) + { + return -ERANGE; + } sd_bus_message_append_basic(m, argCode[0], doubleValue); } else if (boost::starts_with(argCode, "a")) @@ -1857,8 +1912,18 @@ void handlePut(const crow::Request &req, crow::Response &res, transaction->propertyValue); if (r < 0) { - transaction->setErrorStatus( - "Invalid arg type"); + if (r == -ERANGE) + { + transaction->setErrorStatus( + "Provided property value " + "is out of range for the " + "property type"); + } + else + { + transaction->setErrorStatus( + "Invalid arg type"); + } return; } r = sd_bus_message_close_container( -- cgit v1.2.3