Fixed issue #17 special character in strings can break RPCs

clicon · Apr 21, 2018 · 67c0abe · 67c0abe
1 parent 7650803
commit 67c0abe
Show file tree

Hide file tree

Showing 15 changed files with 407 additions and 138 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -103,6 +103,7 @@ enables saved files to be used as datastore without any editing. Thanks Matt.
 * Added cli_show_version()
 
 ### Corrected Bugs
+* Fixed issue https://github.com/clicon/clixon/issues/17 special character in strings can break RPCs 
 * Fixed three-key list entry problem (reported by jdl@netgate)
 * Translate xml->json \n correctly
 * Fix issue: https://github.com/clicon/clixon/issues/15 Replace whole config

diff --git a/apps/backend/backend_client.c b/apps/backend/backend_client.c
@@ -1083,12 +1083,12 @@ from_client_msg(clicon_handle        h,
 	goto done;
     }
     if (clicon_msg_decode(msg, &xt) < 0){
-	if (netconf_malformed_message(cbret, "Not recognized, rpc expected")< 0)
+	if (netconf_malformed_message(cbret, "XML parse error")< 0)
 	    goto done;
 	goto reply;
     }
     if ((x = xpath_first(xt, "/rpc")) == NULL){
-	if (netconf_malformed_message(cbret, "Not recognized, rpc expected")< 0)
+	if (netconf_malformed_message(cbret, "rpc keyword expected")< 0)
 	    goto done;
 	goto reply;
     }
@@ -1187,6 +1187,8 @@ from_client_msg(clicon_handle        h,
 	if (netconf_operation_failed(cbret, "application", clicon_err_reason)< 0)
 	    goto done;
     clicon_debug(1, "%s cbret:%s", __FUNCTION__, cbuf_get(cbret));
+    /* XXX problem here is that cbret has not been parsed so may contain 
+       parse errors */
     if (send_msg_reply(ce->ce_s, cbuf_get(cbret), cbuf_len(cbret)+1) < 0){
 	switch (errno){
 	case EPIPE:

diff --git a/apps/cli/cli_show.c b/apps/cli/cli_show.c
@@ -516,12 +516,12 @@ cli_show_config(clicon_handle h,
 	    xml2txt(stdout, xc, 0); /* tree-formed text */
 	break;
     case FORMAT_CLI:
+	/* get CLI generatade mode: VARS|ALL */
+	if ((gt = clicon_cli_genmodel_type(h)) == GT_ERR)
+	    goto done;
 	xc = NULL; /* Dont print xt itself */
-	while ((xc = xml_child_each(xt, xc, -1)) != NULL){
-	    if ((gt = clicon_cli_genmodel_type(h)) == GT_ERR)
-		goto done;
+	while ((xc = xml_child_each(xt, xc, -1)) != NULL)
 	    xml2cli(stdout, xc, NULL, gt); /* cli syntax */
-	}
 	break;
     case FORMAT_NETCONF:
 	fprintf(stdout, "<rpc><edit-config><target><candidate/></target><config>\n");

diff --git a/datastore/keyvalue/clixon_keyvalue.c b/datastore/keyvalue/clixon_keyvalue.c
@@ -211,7 +211,7 @@ append_listkeys(cbuf      *ckey,
 		       xml_name(xt), keyname);
 	    goto done;
 	}
-	if (percent_encode(xml_body(xkey), &bodyenc) < 0)
+	if (uri_percent_encode(xml_body(xkey), &bodyenc) < 0)
 	    goto done;
 	if (i++)
 	    cprintf(ckey, ",");
@@ -328,7 +328,7 @@ get(char      *dbname,
 	     * If xml element is a leaf-list, then the next element is expected to
 	     * be a value
 	     */
-	    if (percent_decode(restval, &argdec) < 0)
+	    if (uri_percent_decode(restval, &argdec) < 0)
 		goto done;
 	    if ((xc = xml_find(x, name))==NULL ||
 		(xb = xml_find(xc, argdec))==NULL){
@@ -373,7 +373,7 @@ get(char      *dbname,
 		if (j>=nvalvec)
 		    break;
 		arg = valvec[j++];
-		if (percent_decode(arg, &argdec) < 0)
+		if (uri_percent_decode(arg, &argdec) < 0)
 		    goto done;
 		cprintf(cb, "[%s=%s]", cv_string_get(cvi), argdec);
 		free(argdec);
@@ -391,7 +391,7 @@ get(char      *dbname,
 			break;
 		    arg = valvec[j++];
 		    keyname = cv_string_get(cvi);
-		    if (percent_decode(arg, &argdec) < 0)
+		    if (uri_percent_decode(arg, &argdec) < 0)
 			goto done;
 		    if (create_keyvalues(xc,
 					 ykey,
@@ -681,7 +681,7 @@ put(char               *dbfile,
 	    goto done;
 	break;
     case Y_LEAF_LIST:
-	if (percent_encode(body, &bodyenc) < 0)
+	if (uri_percent_encode(body, &bodyenc) < 0)
 	    goto done;
 	cprintf(cbxk, "=%s", bodyenc);
 	break;

diff --git a/lib/clixon/clixon_string.h b/lib/clixon/clixon_string.h
@@ -74,8 +74,9 @@ static inline char * strdup4(char *str)
 char **clicon_strsep(char *string, char *delim, int  *nvec0);
 char *clicon_strjoin (int argc, char **argv, char *delim);
 int str2cvec(char *string, char delim1, char delim2, cvec **cvp);
-int percent_encode(char *str, char **escp);
-int percent_decode(char *esc, char **str);
+int uri_percent_encode(char *str, char **escp);
+int uri_percent_decode(char *esc, char **str);
+int xml_chardata_encode(char *str, char **escp);
 const char *clicon_int2str(const map_str2int *mstab, int i);
 int clicon_str2int(const map_str2int *mstab, char *str);