Merge pull request #491 from igaw/harden-json-parser

dwsuse · web-flow · commit 86edb55348a4 · 2022-10-18T18:43:45.000+02:00
Enforce correct JSON config format
diff --git a/src/nvme/json.c b/src/nvme/json.c
@@ -158,6 +158,43 @@ static void json_parse_host(nvme_root_t r, struct json_object *host_obj)
 	}
 }
 
+static struct json_object *parse_json(nvme_root_t r, int fd)
+{
+	char buf[JSON_FILE_BUF_SIZE];
+	struct json_object *obj = NULL;
+	struct printbuf *pb;
+	json_tokener *tok = NULL;
+	int ret;
+
+	pb = printbuf_new();
+	if (!pb)
+		return NULL;
+
+	while ((ret = read(fd, buf, JSON_FILE_BUF_SIZE)) > 0)
+		printbuf_memappend(pb, buf, ret);
+
+	if (ret < 0)
+		goto out;
+
+	tok = json_tokener_new_ex(JSON_TOKENER_DEFAULT_DEPTH);
+	if (!tok)
+		goto out;
+
+	/* Enforce correctly formatted JSON */
+	tok->flags = JSON_TOKENER_STRICT;
+
+	obj = json_tokener_parse_ex(tok, pb->buf, printbuf_length(pb));
+	if (!obj)
+		nvme_msg(r, LOG_DEBUG, "JSON parsing failed: %s\n",
+			 json_util_get_last_err());
+out:
+	if (tok)
+		json_tokener_free(tok);
+	printbuf_free(pb);
+
+	return obj;
+}
+
 int json_read_config(nvme_root_t r, const char *config_file)
 {
 	struct json_object *json_root, *host_obj;
@@ -169,12 +206,16 @@ int json_read_config(nvme_root_t r, const char *config_file)
 			 config_file, strerror(errno));
 		return fd;
 	}
-	json_root = json_object_from_fd(fd);
+	json_root = parse_json(r, fd);
+	close(fd);
 	if (!json_root) {
-		nvme_msg(r, LOG_DEBUG, "Failed to read %s, %s\n",
-			config_file, json_util_get_last_err());
 		errno = EPROTO;
-		close(fd);
+		return -1;
+	}
+	if (!json_object_is_type(json_root, json_type_array)) {
+		nvme_msg(r, LOG_DEBUG, "Wrong format, expected array\n");
+		json_object_put(json_root);
+		errno = EPROTO;
 		return -1;
 	}
 	for (h = 0; h < json_object_array_length(json_root); h++) {
@@ -183,7 +224,6 @@ int json_read_config(nvme_root_t r, const char *config_file)
 			json_parse_host(r, host_obj);
 	}
 	json_object_put(json_root);
-	close(fd);
 	return 0;
 }
 
