diff options
author | Klaus Kämpf <kkaempf@suse.de> | 2012-03-30 15:11:39 +0200 |
---|---|---|
committer | Klaus Kämpf <kkaempf@suse.de> | 2012-03-30 15:11:39 +0200 |
commit | b8744c22329467d9317a90544b0dd8999bad9448 (patch) | |
tree | 6386fcc12944a5f7cc9e95c5efaa4087fce6bb11 | |
parent | 03b9835f93329741c666755cd88648f8d35afcef (diff) | |
download | wsmancli-b8744c22329467d9317a90544b0dd8999bad9448.tar.gz wsmancli-b8744c22329467d9317a90544b0dd8999bad9448.tar.xz wsmancli-b8744c22329467d9317a90544b0dd8999bad9448.zip |
Check result of u_parse_query
u_parse_query starts with strtok_r(src, "&,", &pp) thus these filters
will be two tokens. As the second one does not contain an equal sign,
u_parse_query returns NULL, and hash_scan_begin tries to use it
without any checks.
The problem is with the comma in the filter, and I could not find a
way to circumvent it. As these minimal examples demonstrates:
wsman enumerate 'foo' --dialect "http://schemas.dmtf.org/wbem/wsman/1/wsman/SelectorFilter" --filter 'foo="bar,foo"'
wsman enumerate 'foo' --dialect "http://schemas.dmtf.org/wbem/wsman/1/wsman/SelectorFilter" --filter "foo='bar,foo'"
Reported by Zoltan Micskei <zoltan.micskei@mit.bme.hu>
-rw-r--r-- | src/wsman.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/wsman.c b/src/wsman.c index 61996d4..78d2310 100644 --- a/src/wsman.c +++ b/src/wsman.c @@ -870,6 +870,10 @@ int main(int argc, char **argv) selector_entry *entry; selectors_new = hash_create2(HASHCOUNT_T_MAX, 0, 0); selfilter = u_parse_query(wsm_filter); + if (!selfilter) { + error("Filter parse error"); + break; + } hash_scan_begin(&hs, selfilter); while ((hn = hash_scan_next(&hs))) { entry = u_malloc(sizeof(selector_entry)); |