diff options
| author | Lubomir Rintel <lkundrak@v3.sk> | 2018-07-16 13:02:24 +0200 |
|---|---|---|
| committer | Thomas Haller <thaller@redhat.com> | 2018-09-11 18:00:50 +0200 |
| commit | 781dd5671c924a6c9f902b4aeb2b58623e69ee32 (patch) | |
| tree | c9a1ce708ead2851558d8577cba3ac63a0526f79 | |
| parent | afd618b789cd161021107180e625bb92bcfcb17a (diff) | |
| download | NetworkManager-781dd5671c924a6c9f902b4aeb2b58623e69ee32.tar.gz | |
service-plugin: add a warning here and there
We're basically rather careless when parsing the auth-dialog protocol.
Let's add some warning so we get an early alert when something's wrong.
| -rw-r--r-- | libnm/nm-vpn-service-plugin.c | 16 | ||||
| -rw-r--r-- | libnm/tests/test-general.c | 4 |
2 files changed, 15 insertions, 5 deletions
diff --git a/libnm/nm-vpn-service-plugin.c b/libnm/nm-vpn-service-plugin.c index 375948aa1d..70bfe08a70 100644 --- a/libnm/nm-vpn-service-plugin.c +++ b/libnm/nm-vpn-service-plugin.c @@ -845,25 +845,37 @@ nm_vpn_service_plugin_read_vpn_details (int fd, /* finish marker */ break; } else if (strncmp (line->str, DATA_KEY_TAG, strlen (DATA_KEY_TAG)) == 0) { - if (key != NULL) + if (key != NULL) { + g_warning ("a value expected"); g_string_free (key, TRUE); + } key = g_string_new (line->str + strlen (DATA_KEY_TAG)); str = key; hash = data; } else if (strncmp (line->str, DATA_VAL_TAG, strlen (DATA_VAL_TAG)) == 0) { if (val != NULL) g_string_free (val, TRUE); + if (val || !key || hash != data) { + g_warning ("%s not preceded by %s", DATA_VAL_TAG, DATA_KEY_TAG); + break; + } val = g_string_new (line->str + strlen (DATA_VAL_TAG)); str = val; } else if (strncmp (line->str, SECRET_KEY_TAG, strlen (SECRET_KEY_TAG)) == 0) { - if (key != NULL) + if (key != NULL) { + g_warning ("a value expected"); g_string_free (key, TRUE); + } key = g_string_new (line->str + strlen (SECRET_KEY_TAG)); str = key; hash = secrets; } else if (strncmp (line->str, SECRET_VAL_TAG, strlen (SECRET_VAL_TAG)) == 0) { if (val != NULL) g_string_free (val, TRUE); + if (val || !key || hash != secrets) { + g_warning ("%s not preceded by %s", SECRET_VAL_TAG, SECRET_KEY_TAG); + break; + } val = g_string_new (line->str + strlen (SECRET_VAL_TAG)); str = val; } diff --git a/libnm/tests/test-general.c b/libnm/tests/test-general.c index 9f0d582cf3..89171d2aa6 100644 --- a/libnm/tests/test-general.c +++ b/libnm/tests/test-general.c @@ -2360,13 +2360,11 @@ test_nm_vpn_service_plugin_read_vpn_details (void) "", READ_VPN_DETAIL_DATA ( { "some-key", "string\ncontinued after a line break" }, - { "", "x" }, - { "y", "y" }, ), READ_VPN_DETAIL_DATA ( { "key names\ncan have\ncontinuations too", "value" }, - { "s1", "z" }, ), + NMTST_EXPECT_LIBNM_WARNING ("DATA_VAL= not preceded by DATA_KEY=") ); _do_read_vpn_details ("" |