incoming: Validate source and destination callsigns better
by checking for invalid control characters, not just length (using the common "valid Q construct entry" check)
This commit is contained in:
Heikki Hannikainen
parent
b1d105e186
commit
32c3b4443e
|
|
@ -44,9 +44,9 @@ const char *inerr_labels[] = {
|
|||
"no_colon",
|
||||
"no_dst",
|
||||
"no_path",
|
||||
"long_srccall",
|
||||
"inv_srccall",
|
||||
"no_body",
|
||||
"long_dstcall",
|
||||
"inv_dstcall",
|
||||
"disallow_unverified",
|
||||
"path_nogate",
|
||||
"3rd_party",
|
||||
|
|
@ -581,8 +581,8 @@ int incoming_parse(struct worker_t *self, struct client_t *c, char *s, int len)
|
|||
if (path_start >= packet_end) // We're already at the path end
|
||||
return INERR_NO_PATH;
|
||||
|
||||
if (src_end - s > CALLSIGNLEN_MAX || src_end - s < CALLSIGNLEN_MIN)
|
||||
return INERR_LONG_SRCCALL; /* too long source callsign */
|
||||
if (check_invalid_q_callsign(s, src_end - s) != 0 || src_end - s < CALLSIGNLEN_MIN)
|
||||
return INERR_INV_SRCCALL; /* invalid or too long for source callsign */
|
||||
|
||||
info_start = path_end+1; // @":"+1 - first char of the payload
|
||||
if (info_start >= packet_end)
|
||||
|
|
@ -604,8 +604,8 @@ int incoming_parse(struct worker_t *self, struct client_t *c, char *s, int len)
|
|||
while (dstcall_end < path_end && *dstcall_end != ',' && *dstcall_end != ':')
|
||||
dstcall_end++;
|
||||
|
||||
if (dstcall_end - path_start > CALLSIGNLEN_MAX)
|
||||
return INERR_LONG_DSTCALL; /* too long for destination callsign */
|
||||
if (check_invalid_q_callsign(path_start, dstcall_end - path_start) != 0)
|
||||
return INERR_INV_DSTCALL; /* invalid or too long for destination callsign */
|
||||
|
||||
/* where does the digipeater path start? */
|
||||
via_start = dstcall_end;
|
||||
|
|
|
|||
|
|
@ -165,9 +165,9 @@ var rx_err_strings = {
|
|||
"no_colon": 'No colon (":") in packet',
|
||||
"no_dst": 'No ">" in packet to mark beginning of destination callsign',
|
||||
"no_path": 'No path found between source callsign and ":"',
|
||||
"long_srccall": 'Source callsign too long',
|
||||
"inv_srccall": 'Invalid source callsign',
|
||||
"no_body": 'No packet body/data after ":"',
|
||||
"long_dstcall": 'Destination callsign too long',
|
||||
"inv_dstcall": 'Invalid destination callsign',
|
||||
"disallow_unverified": 'Packet from unverified client',
|
||||
"path_nogate": 'Packet with NOGATE/RFONLY in path',
|
||||
"3rd_party": '3rd-party packet',
|
||||
|
|
|
|||
|
|
@ -181,9 +181,9 @@ struct client_heard_t {
|
|||
#define INERR_NO_COLON -1 /* no : in packet */
|
||||
#define INERR_NO_DST -2 /* no > in packet to mark beginning of dstcall */
|
||||
#define INERR_NO_PATH -3 /* no path found between srccall and : */
|
||||
#define INERR_LONG_SRCCALL -4 /* too long srccall */
|
||||
#define INERR_INV_SRCCALL -4 /* invalid or too long srccall */
|
||||
#define INERR_NO_BODY -5 /* no packet body/data after : */
|
||||
#define INERR_LONG_DSTCALL -6 /* too long dstcall */
|
||||
#define INERR_INV_DSTCALL -6 /* invalid or too long dstcall */
|
||||
#define INERR_DISALLOW_UNVERIFIED -7 /* disallow_unverified = 1, unverified client */
|
||||
#define INERR_NOGATE -8 /* packet path has NOGATE/RFONLY */
|
||||
#define INERR_3RD_PARTY -9 /* 3rd-party packet dropped */
|
||||
|
|
|
|||
Loading…
Reference in New Issue