Skip to content

Commit

Permalink
[string] add UTF-8 validation (#5810)
Browse files Browse the repository at this point in the history
  • Loading branch information
@moandor-y
moandor-y committed Nov 30, 2020
1 parent 18b82fd commit c7192ba
Show file tree
Hide file tree
Showing 13 changed files with 277 additions and 15 deletions.
36 changes: 27 additions & 9 deletions src/cli/cli_dataset.cpp
View file
Expand Up @@ -40,6 +40,7 @@
#include <openthread/dataset_ftd.h>

#include "cli/cli.hpp"
#include "common/string.hpp"
#include "utils/parse_cmdline.hpp"

using ot::Utils::CmdLineParser::ParseAsHexString;
Expand Down Expand Up @@ -485,6 +486,7 @@ otError Dataset::ProcessNetworkName(uint8_t aArgsLength, char *aArgs[])
size_t length;

VerifyOrExit((length = strlen(aArgs[0])) <= OT_NETWORK_NAME_MAX_SIZE, error = OT_ERROR_INVALID_ARGS);
VerifyOrExit(IsValidUtf8String(aArgs[0]), error = OT_ERROR_INVALID_ARGS);

memset(&sDataset.mNetworkName, 0, sizeof(sDataset.mNetworkName));
memcpy(sDataset.mNetworkName.m8, aArgs[0], length);
Expand Down Expand Up @@ -865,29 +867,45 @@ otError Dataset::ProcessSecurityPolicy(uint8_t aArgsLength, char *aArgs[])

otError Dataset::ProcessSet(uint8_t aArgsLength, char *aArgs[])
{
otError error = OT_ERROR_NONE;
otOperationalDatasetTlvs dataset;
uint16_t tlvsLength;
otError error = OT_ERROR_NONE;
MeshCoP::Dataset::Type datasetType;

VerifyOrExit(aArgsLength == 2, error = OT_ERROR_INVALID_ARGS);

tlvsLength = sizeof(dataset.mTlvs);
SuccessOrExit(error = ParseAsHexString(aArgs[1], tlvsLength, dataset.mTlvs));
dataset.mLength = static_cast<uint8_t>(tlvsLength);

if (strcmp(aArgs[0], "active") == 0)
{
SuccessOrExit(error = otDatasetSetActiveTlvs(mInterpreter.mInstance, &dataset));
datasetType = MeshCoP::Dataset::Type::kActive;
}
else if (strcmp(aArgs[0], "pending") == 0)
{
SuccessOrExit(error = otDatasetSetPendingTlvs(mInterpreter.mInstance, &dataset));
datasetType = MeshCoP::Dataset::Type::kPending;
}
else
{
ExitNow(error = OT_ERROR_INVALID_ARGS);
}

{
MeshCoP::Dataset dataset(datasetType);
MeshCoP::Dataset::Info datasetInfo;
uint16_t tlvsLength = MeshCoP::Dataset::kMaxSize;

SuccessOrExit(error = ParseAsHexString(aArgs[1], tlvsLength, dataset.GetBytes()));
dataset.SetSize(tlvsLength);
VerifyOrExit(dataset.IsValid(), error = OT_ERROR_INVALID_ARGS);
dataset.ConvertTo(datasetInfo);

switch (datasetType)
{
case MeshCoP::Dataset::Type::kActive:
SuccessOrExit(error = otDatasetSetActive(mInterpreter.mInstance, &datasetInfo));
break;
case MeshCoP::Dataset::Type::kPending:
SuccessOrExit(error = otDatasetSetPending(mInterpreter.mInstance, &datasetInfo));
break;
}
}

exit:
return error;
}
Expand Down
64 changes: 64 additions & 0 deletions src/core/common/string.cpp
View file
Expand Up @@ -33,6 +33,8 @@

#include "string.hpp"

#include <string.h>

namespace ot {

uint16_t StringLength(const char *aString, uint16_t aMaxLength)
Expand Down Expand Up @@ -73,4 +75,66 @@ otError StringBase::Write(char *aBuffer, uint16_t aSize, uint16_t &aLength, cons
return error;
}

bool IsValidUtf8String(const char *aString)
{
return IsValidUtf8String(aString, strlen(aString));
}

bool IsValidUtf8String(const char *aString, size_t aLength)
{
bool ret = true;
uint8_t byte;
uint8_t continuationBytes = 0;
size_t position = 0;

while (position < aLength)
{
byte = *reinterpret_cast<const uint8_t *>(aString + position);
++position;

if ((byte & 0x80) == 0)
{
continue;
}

// This is a leading byte 1xxx-xxxx.

if ((byte & 0x40) == 0) // 10xx-xxxx
{
// We got a continuation byte pattern without seeing a leading byte earlier.
ExitNow(ret = false);
}
else if ((byte & 0x20) == 0) // 110x-xxxx
{
continuationBytes = 1;
}
else if ((byte & 0x10) == 0) // 1110-xxxx
{
continuationBytes = 2;
}
else if ((byte & 0x08) == 0) // 1111-0xxx
{
continuationBytes = 3;
}
else // 1111-1xxx (invalid pattern).
{
ExitNow(ret = false);
}

while (continuationBytes-- != 0)
{
VerifyOrExit(position < aLength, ret = false);

byte = *reinterpret_cast<const uint8_t *>(aString + position);
++position;

// Verify the continuation byte pattern 10xx-xxxx
VerifyOrExit((byte & 0xc0) == 0x80, ret = false);
}
}

exit:
return ret;
}

} // namespace ot
23 changes: 23 additions & 0 deletions src/core/common/string.hpp
View file
Expand Up @@ -258,6 +258,29 @@ template <uint16_t SIZE> class String : private StringBase
*
*/

/**
* This function validates whether a given byte sequence (string) follows UTF-8 encoding.
*
* @param[in] aString A null-terminated byte sequence.
*
* @retval TRUE The sequence is a valid UTF-8 string.
* @retval FALSE The sequence is not a valid UTF-8 string.
*
*/
bool IsValidUtf8String(const char *aString);

/**
* This function validates whether a given byte sequence (string) follows UTF-8 encoding.
*
* @param[in] aString A byte sequence.
* @param[in] aLength Length of the sequence.
*
* @retval TRUE The sequence is a valid UTF-8 string.
* @retval FALSE The sequence is not a valid UTF-8 string.
*
*/
bool IsValidUtf8String(const char *aString, size_t aLength);

} // namespace ot

#endif // STRING_HPP_
18 changes: 16 additions & 2 deletions src/core/mac/mac.cpp
View file
Expand Up @@ -42,6 +42,7 @@
#include "common/locator-getters.hpp"
#include "common/logging.hpp"
#include "common/random.hpp"
#include "common/string.hpp"
#include "crypto/aes_ccm.hpp"
#include "crypto/sha256.hpp"
#include "mac/mac_frame.hpp"
Expand Down Expand Up @@ -261,6 +262,7 @@ otError Mac::ConvertBeaconToActiveScanResult(const RxFrame *aBeaconFrame, Active
aResult.mIsJoinable = beaconPayload->IsJoiningPermitted();
aResult.mIsNative = beaconPayload->IsNative();
IgnoreError(static_cast<NetworkName &>(aResult.mNetworkName).Set(beaconPayload->GetNetworkName()));
VerifyOrExit(IsValidUtf8String(aResult.mNetworkName.m8), error = OT_ERROR_PARSE);
aResult.mExtendedPanId = beaconPayload->GetExtendedPanId();
}

Expand Down Expand Up @@ -475,9 +477,15 @@ otError Mac::SetNetworkName(const char *aNameString)
// longer than `kMaxSize` is correctly rejected (returning error
// `OT_ERROR_INVALID_ARGS`).

otError error;
NameData data(aNameString, NetworkName::kMaxSize + 1);

return SetNetworkName(data);
VerifyOrExit(IsValidUtf8String(aNameString), error = OT_ERROR_INVALID_ARGS);

error = SetNetworkName(data);

exit:
return error;
}

otError Mac::SetNetworkName(const NameData &aNameData)
Expand Down Expand Up @@ -509,9 +517,15 @@ otError Mac::SetDomainName(const char *aNameString)
// longer than `kMaxSize` is correctly rejected (returning error
// `OT_ERROR_INVALID_ARGS`).

otError error;
NameData data(aNameString, DomainName::kMaxSize + 1);

return SetDomainName(data);
VerifyOrExit(IsValidUtf8String(aNameString), error = OT_ERROR_INVALID_ARGS);

error = SetDomainName(data);

exit:
return error;
}

otError Mac::SetDomainName(const NameData &aNameData)
Expand Down
2 changes: 2 additions & 0 deletions src/core/meshcop/commissioner.cpp
View file
Expand Up @@ -590,6 +590,8 @@ otError Commissioner::SetProvisioningUrl(const char *aProvisioningUrl)
ExitNow();
}

VerifyOrExit(IsValidUtf8String(aProvisioningUrl), error = OT_ERROR_INVALID_ARGS);

len = static_cast<uint8_t>(StringLength(aProvisioningUrl, sizeof(mProvisioningUrl)));

VerifyOrExit(len < sizeof(mProvisioningUrl), error = OT_ERROR_INVALID_ARGS);
Expand Down
4 changes: 4 additions & 0 deletions src/core/meshcop/joiner.cpp
View file
Expand Up @@ -140,6 +140,10 @@ otError Joiner::Start(const char * aPskd,

otLogInfoMeshCoP("Joiner starting");

VerifyOrExit(aProvisioningUrl == nullptr || IsValidUtf8String(aProvisioningUrl), error = OT_ERROR_INVALID_ARGS);
VerifyOrExit(aVendorName == nullptr || IsValidUtf8String(aVendorName), error = OT_ERROR_INVALID_ARGS);
VerifyOrExit(aVendorSwVersion == nullptr || IsValidUtf8String(aVendorSwVersion), error = OT_ERROR_INVALID_ARGS);

VerifyOrExit(mState == kStateIdle, error = OT_ERROR_BUSY);
VerifyOrExit(Get<ThreadNetif>().IsUp() && Get<Mle::Mle>().GetRole() == Mle::kRoleDisabled,
error = OT_ERROR_INVALID_STATE);
Expand Down
3 changes: 3 additions & 0 deletions src/core/meshcop/meshcop.cpp
View file
Expand Up @@ -37,6 +37,7 @@
#include "common/debug.hpp"
#include "common/locator-getters.hpp"
#include "common/logging.hpp"
#include "common/string.hpp"
#include "crypto/pbkdf2_cmac.h"
#include "crypto/sha256.hpp"
#include "mac/mac_types.hpp"
Expand Down Expand Up @@ -325,6 +326,8 @@ otError GeneratePskc(const char * aPassPhrase,
uint16_t passphraseLen;
uint8_t networkNameLen;

VerifyOrExit(IsValidUtf8String(aPassPhrase), error = OT_ERROR_INVALID_ARGS);

passphraseLen = static_cast<uint16_t>(StringLength(aPassPhrase, OT_COMMISSIONING_PASSPHRASE_MAX_SIZE + 1));
networkNameLen = static_cast<uint8_t>(StringLength(aNetworkName.GetAsCString(), OT_NETWORK_NAME_MAX_SIZE + 1));

Expand Down
6 changes: 6 additions & 0 deletions src/core/meshcop/meshcop_tlvs.cpp
View file
Expand Up @@ -34,6 +34,7 @@
#include "meshcop_tlvs.hpp"

#include "common/debug.hpp"
#include "common/string.hpp"
#include "meshcop/meshcop.hpp"

namespace ot {
Expand Down Expand Up @@ -129,6 +130,11 @@ void NetworkNameTlv::SetNetworkName(const Mac::NameData &aNameData)
SetLength(len);
}

bool NetworkNameTlv::IsValid(void) const
{
return IsValidUtf8String(mNetworkName, GetLength());
}

void SteeringDataTlv::CopyTo(SteeringData &aSteeringData) const
{
aSteeringData.Init(GetSteeringDataLength());
Expand Down
2 changes: 1 addition & 1 deletion src/core/meshcop/meshcop_tlvs.hpp
View file
Expand Up @@ -511,7 +511,7 @@ class NetworkNameTlv : public Tlv, public TlvInfo<Tlv::kNetworkName>
* @retval FALSE If the TLV does not appear to be well-formed.
*
*/
bool IsValid(void) const { return true; }
bool IsValid(void) const;

/**
* This method gets the Network Name value.
Expand Down
5 changes: 4 additions & 1 deletion src/core/thread/discover_scanner.cpp
View file
Expand Up @@ -336,7 +336,10 @@ void DiscoverScanner::HandleDiscoveryResponse(const Message &aMessage, const Ip6

case MeshCoP::Tlv::kNetworkName:
IgnoreError(aMessage.Read(offset, networkName));
IgnoreError(static_cast<Mac::NetworkName &>(result.mNetworkName).Set(networkName.GetNetworkName()));
if (networkName.IsValid())
{
IgnoreError(static_cast<Mac::NetworkName &>(result.mNetworkName).Set(networkName.GetNetworkName()));
}
break;

case MeshCoP::Tlv::kSteeringData:
Expand Down
33 changes: 31 additions & 2 deletions tests/scripts/expect/cli-dataset.exp
View file
Expand Up @@ -204,18 +204,47 @@ address $addr\n"
expect "Done"

switch_node 1
send "dataset init active\n"
expect "Done"
send "dataset networkname Thread\\ 网络\n"
expect "Done"
send "dataset commit active\n"
expect "Done"
send "dataset active -x\n"
expect "54687265616420e7bd91e7bb9c" ;# UTF-8 of "Thread 网络"
expect "Done"
send "dataset active -x\n"
expect "dataset active -x"
expect -re {([0-9a-f]+)}
expect -re {([0-9a-f]+)[\r\n]+Done}
set binary $expect_out(1,string)
expect "Done"
send "dataset set pending $binary\n"
expect "Done"
send "dataset pending -x\n"
expect $binary
expect "Done"
send "dataset pending\n"
expect "Network Name: Thread 网络"
expect "Done"
send "dataset set active $binary\n"
expect "Done"
send "dataset mgmtsetcommand active activetimestamp 200 -x 030d54687265616420e7bd91e7bb9c\n"
expect "Done"
send "dataset active\n"
expect "Network Name: Thread 网络"
expect "Done"
send "dataset mgmtsetcommand active activetimestamp 210 -x 0301ff\n"
expect "Done"
send "dataset active\n"
expect "Active Timestamp: 200"
expect "Network Name: Thread 网络"
expect "Done"
send "dataset set active 03023432\n"
expect "Done"
send "dataset active\n"
expect "Network Name: 42"
expect "Done"
send "dataset set active 0301bf\n"
expect "Error 7: InvalidArgs"
send "dataset help\n"
expect "Done"
send "dataset\n"
Expand Down

0 comments on commit c7192ba

Please sign in to comment.