diff options
Diffstat (limited to 'meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/eventservice/0008-Add-checks-on-Event-Subscription-input-parameters.patch')
-rw-r--r-- | meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/eventservice/0008-Add-checks-on-Event-Subscription-input-parameters.patch | 33 |
1 files changed, 16 insertions, 17 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/eventservice/0008-Add-checks-on-Event-Subscription-input-parameters.patch b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/eventservice/0008-Add-checks-on-Event-Subscription-input-parameters.patch index 84ceb4ba8..a46708ee5 100644 --- a/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/eventservice/0008-Add-checks-on-Event-Subscription-input-parameters.patch +++ b/meta-openbmc-mods/meta-common/recipes-phosphor/interfaces/bmcweb/eventservice/0008-Add-checks-on-Event-Subscription-input-parameters.patch @@ -1,4 +1,4 @@ -From 05fdea2bb8e486b058d137a067ce1f5c885d2a96 Mon Sep 17 00:00:00 2001 +From ee758f1f97890f51707e72b3c6b08c8c46c41595 Mon Sep 17 00:00:00 2001 From: Nitin Wankhade <nitinx.arunrao.wankhade@intel.com> Date: Mon, 28 Jun 2021 19:59:57 +0000 Subject: [PATCH] Add checks on Event Subscription input parameters @@ -16,17 +16,18 @@ Tested Change-Id: Iec2cd766c0e137b72706fc2da468d4fefd8fbaae Signed-off-by: Nitin Wankhade <nitinx.arunrao.wankhade@intel.com> +Signed-off-by: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com> --- - redfish-core/lib/event_service.hpp | 30 ++++++++++++++++++++++++++++++ - 1 file changed, 30 insertions(+) + redfish-core/lib/event_service.hpp | 26 ++++++++++++++++++++++++++ + 1 file changed, 26 insertions(+) diff --git a/redfish-core/lib/event_service.hpp b/redfish-core/lib/event_service.hpp -index 52b01e5..f8a1671 100644 +index 15e45dc..27dec86 100644 --- a/redfish-core/lib/event_service.hpp +++ b/redfish-core/lib/event_service.hpp -@@ -19,6 +19,10 @@ - #include <app.hpp> - #include <registries/privilege_registry.hpp> +@@ -22,6 +22,10 @@ + + #include <span> +#define MAX_CONTEXT_SIZE 256 +#define MAX_DESTINATION_SIZE 1024 @@ -35,7 +36,7 @@ index 52b01e5..f8a1671 100644 namespace redfish { static constexpr const std::array<const char*, 3> supportedRetryPolicies = { -@@ -220,6 +224,12 @@ inline void requestRoutesEventDestinationCollection(App& app) +@@ -223,6 +227,12 @@ inline void requestRoutesEventDestinationCollection(App& app) return; } @@ -48,7 +49,7 @@ index 52b01e5..f8a1671 100644 if (regPrefixes && msgIds) { if (regPrefixes->size() && msgIds->size()) -@@ -330,11 +340,31 @@ inline void requestRoutesEventDestinationCollection(App& app) +@@ -333,13 +343,29 @@ inline void requestRoutesEventDestinationCollection(App& app) if (context) { @@ -64,22 +65,20 @@ index 52b01e5..f8a1671 100644 { + size_t cumulativeLen = 0; + -+ for (nlohmann::json& itr : *headers) -+ { -+ std::string hdr{itr.dump( + for (const nlohmann::json& headerChunk : *headers) + { ++ std::string hdr{headerChunk.dump( + -1, ' ', true, nlohmann::json::error_handler_t::replace)}; + cumulativeLen += hdr.length(); -+ + if (cumulativeLen > MAX_HEADER_SIZE) + { + messages::propertySizeExceeded(asyncResp->res, + "HttpHeaders"); + return; + } -+ } - subValue->httpHeaders = *headers; - } - + for (const auto& item : headerChunk.items()) + { + const std::string* value = -- 2.17.1 |