F3247561
D3113.id9613.diff
diff --git a/services/tunnelbroker/docker-server/contents/server/src/Constants.h b/services/tunnelbroker/docker-server/contents/server/src/Constants.h
--- a/services/tunnelbroker/docker-server/contents/server/src/Constants.h
+++ b/services/tunnelbroker/docker-server/contents/server/src/Constants.h
@@ -19,6 +19,8 @@
const size_t SESSION_ID_LENGTH = 64;
const size_t SESSION_RECORD_TTL = 30 * 24 * 3600; // 30 days
const size_t SESSION_SIGN_RECORD_TTL = 24 * 3600; // 24 hours
+const std::regex SESSION_ID_FORMAT_REGEX(
+ "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}");
// gRPC Server
const std::string SERVER_LISTEN_ADDRESS = "0.0.0.0:50051";
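Review bot: `SESSION_ID_FORMAT_REGEX` is a namespace-scope `const std::regex` defined in a header, so every translation unit that includes Constants.h gets its own copy and compiles the pattern during static initialization. Declaring it `extern` here and defining it once in a .cpp, or making it a function-local `static const std::regex` inside `validateSessionID`, avoids the repeated construction and any initialization-order dependence. The hunk does not show whether `<regex>` is included by this header, so that should be confirmed. The pattern also matches exactly 36 characters while `SESSION_ID_LENGTH` just above is 64; if both describe the same identifier, one of them looks stale.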
diff --git a/services/tunnelbroker/docker-server/contents/server/src/Service/TunnelbrokerServiceImpl.cpp b/services/tunnelbroker/docker-server/contents/server/src/Service/TunnelbrokerServiceImpl.cpp
--- a/services/tunnelbroker/docker-server/contents/server/src/Service/TunnelbrokerServiceImpl.cpp
+++ b/services/tunnelbroker/docker-server/contents/server/src/Service/TunnelbrokerServiceImpl.cpp
@@ -133,6 +133,13 @@
google::protobuf::Empty *reply) {
try {
const std::string sessionID = request->sessionid();
+ if (!validateSessionID(sessionID)) {
+ std::cout << "gRPC: "
+ << "Format validation failed for " << sessionID << std::endl;
+ return grpc::Status(
+ grpc::StatusCode::INVALID_ARGUMENT,
+ "Format validation failed for sessionID");
+ }
std::shared_ptr<database::DeviceSessionItem> sessionItem =
database::DatabaseManager::getInstance().findSessionItem(sessionID);
if (sessionItem == nullptr) {
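Review bot: The rejected `sessionID` is written to stdout verbatim in the added `std::cout` line, and at that point it is known to be client-supplied and not to match the expected format, so it may contain newlines, control characters or be arbitrarily long. That allows forged or flooded log lines; log a bounded, neutral fact instead, e.g. `std::cout << "gRPC: Format validation failed for sessionID (length " << sessionID.size() << ")" << std::endl;`. The identical block in the next hunk of this file (the `ServerWriter` handler) has the same issue, and the two copies could share one helper. Both handlers start and end outside the hunks shown.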
@@ -168,6 +175,13 @@
grpc::ServerWriter<tunnelbroker::GetResponse> *writer) {
try {
const std::string sessionID = request->sessionid();
+ if (!validateSessionID(sessionID)) {
+ std::cout << "gRPC: "
+ << "Format validation failed for " << sessionID << std::endl;
+ return grpc::Status(
+ grpc::StatusCode::INVALID_ARGUMENT,
+ "Format validation failed for sessionID");
+ }
std::shared_ptr<database::DeviceSessionItem> sessionItem =
database::DatabaseManager::getInstance().findSessionItem(sessionID);
if (sessionItem == nullptr) {
diff --git a/services/tunnelbroker/docker-server/contents/server/src/Tools/Tools.h b/services/tunnelbroker/docker-server/contents/server/src/Tools/Tools.h
--- a/services/tunnelbroker/docker-server/contents/server/src/Tools/Tools.h
+++ b/services/tunnelbroker/docker-server/contents/server/src/Tools/Tools.h
@@ -10,6 +10,7 @@
long long getCurrentTimestamp();
bool validateDeviceID(std::string deviceID);
std::string generateUUID();
+bool validateSessionID(std::string sessionID);
} // namespace network
} // namespace comm
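Review bot: `validateSessionID` takes `std::string` by value, so each call from the gRPC handlers copies the ID; `bool validateSessionID(const std::string &sessionID);` avoids that, with the definition in Tools.cpp changed to match. This mirrors the existing `validateDeviceID` signature, so it may be a deliberate convention in this file. A one-line comment stating the accepted format, e.g. `// Returns true if sessionID is a lowercase hyphenated UUID (8-4-4-4-12 hex digits).`, would tell callers what "valid" means without opening Constants.h.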
diff --git a/services/tunnelbroker/docker-server/contents/server/src/Tools/Tools.cpp b/services/tunnelbroker/docker-server/contents/server/src/Tools/Tools.cpp
--- a/services/tunnelbroker/docker-server/contents/server/src/Tools/Tools.cpp
+++ b/services/tunnelbroker/docker-server/contents/server/src/Tools/Tools.cpp
@@ -56,5 +56,16 @@
return boost::uuids::to_string(random_generator());
}
+bool validateSessionID(std::string sessionID) {
+ try {
+ return std::regex_match(sessionID, SESSION_ID_FORMAT_REGEX);
+ } catch (const std::exception &e) {
+ std::cout << "Tools: "
+ << "Got an exception at `validateSessionId`: " << e.what()
+ << std::endl;
+ return false;
+ }
+}
+
} // namespace network
} // namespace comm
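Review bot: `validateSessionID` hands the full client-supplied string to `std::regex_match` with no size check first; since the pattern can only match 36 characters, an early `if (sessionID.size() != 36) return false;` rejects oversized input before the regex engine runs. Returning `false` from the catch block is the right fail-closed choice and should stay. The log text names `validateSessionId` while the function is `validateSessionID`, which makes the message harder to grep for.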
D3113: [services] Tunnelbroker - Requests SessionID format validation.