VirtualBox

Ignore:
Timestamp:
Jul 10, 2019 3:45:05 PM (6 years ago)
Author:
vboxsync
svn:sync-xref-src-repo-rev:
131994
Message:

Runtime/r3/xml.cpp: Introduce methods which limit the size of element and attribute values when querying them. Just for sanitizing, not that the buffer size is actually limited.
Main/Appliance+ExtPack: Use size checks to play safe with XML sata.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/Runtime/r3/xml.cpp

    r76553 r79677  
    565565
    566566/**
     567 * Returns the value of a node. If this node is an attribute, returns
     568 * the attribute value; if this node is an element, then this returns
     569 * the element text content.
     570 * @return
     571 * @param   cchValueLimit   If the length of the returned value exceeds this
     572 *                          limit a EIPRTFailure exception will be thrown.
     573 */
     574const char *Node::getValueN(size_t cchValueLimit) const
     575{
     576    if (   m_pLibAttr
     577        && m_pLibAttr->children
     578        )
     579    {
     580        // libxml hides attribute values in another node created as a
     581        // single child of the attribute node, and it's in the content field
     582        AssertStmt(strlen((const char *)m_pLibAttr->children->content) <= cchValueLimit, throw EIPRTFailure(VERR_BUFFER_OVERFLOW, "Attribute '%s' exceeds limit of %zu bytes", m_pcszName, cchValueLimit));
     583        return (const char *)m_pLibAttr->children->content;
     584    }
     585
     586    if (   m_pLibNode
     587        && m_pLibNode->children)
     588    {
     589        AssertStmt(strlen((const char *)m_pLibNode->children->content) <= cchValueLimit, throw EIPRTFailure(VERR_BUFFER_OVERFLOW, "Element '%s' exceeds limit of %zu bytes", m_pcszName, cchValueLimit));
     590        return (const char *)m_pLibNode->children->content;
     591    }
     592
     593    return NULL;
     594}
     595
     596/**
    567597 * Copies the value of a node into the given integer variable.
    568598 * Returns TRUE only if a value was found and was actually an
     
    11521182            return true;
    11531183        }
     1184    }
     1185
     1186    return false;
     1187}
     1188
     1189/**
     1190 * Convenience method which attempts to find the attribute with the given
     1191 * name and returns its value as a string.
     1192 *
     1193 * @param   pcszMatch       Name of attribute to find.
     1194 * @param   ppcsz           Where to return the attribute.
     1195 * @param   cchValueLimit   If the length of the returned value exceeds this
     1196 *                          limit a EIPRTFailure exception will be thrown.
     1197 * @param   pcszNamespace   The attribute name space prefix or NULL.
     1198 * @returns Boolean success indicator.
     1199 */
     1200bool ElementNode::getAttributeValueN(const char *pcszMatch, const char **ppcsz, size_t cchValueLimit, const char *pcszNamespace /*= NULL*/) const
     1201{
     1202    const AttributeNode *pAttr = findAttribute(pcszMatch, pcszNamespace);
     1203    if (pAttr)
     1204    {
     1205        *ppcsz = pAttr->getValueN(cchValueLimit);
     1206        return true;
     1207    }
     1208    return false;
     1209}
     1210
     1211/**
     1212 * Convenience method which attempts to find the attribute with the given
     1213 * name and returns its value as a string.
     1214 *
     1215 * @param   pcszMatch       Name of attribute to find.
     1216 * @param   pStr            Pointer to the string object that should receive the
     1217 *                          attribute value.
     1218 * @param   cchValueLimit   If the length of the returned value exceeds this
     1219 *                          limit a EIPRTFailure exception will be thrown.
     1220 * @param   pcszNamespace   The attribute name space prefix or NULL.
     1221 * @returns Boolean success indicator.
     1222 *
     1223 * @throws  Whatever the string class may throw on assignment.
     1224 */
     1225bool ElementNode::getAttributeValueN(const char *pcszMatch, RTCString *pStr, size_t cchValueLimit, const char *pcszNamespace /*= NULL*/) const
     1226{
     1227    const AttributeNode *pAttr = findAttribute(pcszMatch, pcszNamespace);
     1228    if (pAttr)
     1229    {
     1230        *pStr = pAttr->getValueN(cchValueLimit);
     1231        return true;
     1232    }
     1233
     1234    return false;
     1235}
     1236
     1237/**
     1238 * Like getAttributeValue (ministring variant), but makes sure that all backslashes
     1239 * are converted to forward slashes.
     1240 *
     1241 * @param   pcszMatch       Name of attribute to find.
     1242 * @param   pStr            Pointer to the string object that should
     1243 *                          receive the attribute path value.
     1244 * @param   cchValueLimit   If the length of the returned value exceeds this
     1245 *                          limit a EIPRTFailure exception will be thrown.
     1246 * @param   pcszNamespace   The attribute name space prefix or NULL.
     1247 * @returns Boolean success indicator.
     1248 */
     1249bool ElementNode::getAttributeValuePathN(const char *pcszMatch, RTCString *pStr, size_t cchValueLimit, const char *pcszNamespace /*= NULL*/) const
     1250{
     1251    if (getAttributeValueN(pcszMatch, pStr, cchValueLimit, pcszNamespace))
     1252    {
     1253        pStr->findReplace('\\', '/');
     1254        return true;
    11541255    }
    11551256
Note: See TracChangeset for help on using the changeset viewer.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette