From a82af17b7242d0ee3794f8252fe0b4375a4b1e72 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Mon, 21 Dec 2015 09:50:28 +0100 Subject: improved sanity checks for importcontext and telnet interface diff --git a/src/helsinki.at/rhimport/importer.go b/src/helsinki.at/rhimport/importer.go index 9be1257..df491d7 100644 --- a/src/helsinki.at/rhimport/importer.go +++ b/src/helsinki.at/rhimport/importer.go @@ -35,6 +35,11 @@ import ( "path" ) +const ( + CART_MAX = 999999 + CUT_MAX = 999 +) + var ( bool2str = map[bool]string{false: "0", true: "1"} ) @@ -100,6 +105,12 @@ func (ctx *ImportContext) SanityCheck() error { return fmt.Errorf("empty Password on untrusted control interface is not allowed") } if ctx.ShowId != 0 { + if ctx.ShowId != 0 && ctx.ShowId > CART_MAX { + return fmt.Errorf("ShowId %d is outside of allowed range (0 < show-id < %d)", ctx.ShowId, CART_MAX) + } + if ctx.Cart != 0 && ctx.Cart > CART_MAX { + return fmt.Errorf("Cart %d is outside of allowed range (0 < cart < %d)", ctx.Cart, CART_MAX) + } return nil } if ctx.GroupName != "" { @@ -118,6 +129,12 @@ func (ctx *ImportContext) SanityCheck() error { if ctx.Cart == 0 { return fmt.Errorf("either ShowId, PoolName or CartNumber must be supplied") } + if ctx.Cart > CART_MAX { + return fmt.Errorf("Cart %d is outside of allowed range (0 < cart < %d)", ctx.Cart, CART_MAX) + } + if ctx.Cut != 0 && ctx.Cut > CUT_MAX { + return fmt.Errorf("Cut %d is outside of allowed range (0 < cart < %d)", ctx.Cut, CUT_MAX) + } if ctx.Channels != 1 && ctx.Channels != 2 { return fmt.Errorf("channles must be 1 or 2") } diff --git a/src/helsinki.at/rhimportd/ctrlTelnet.go b/src/helsinki.at/rhimportd/ctrlTelnet.go index 4cbeb56..0c0b2be 100644 --- a/src/helsinki.at/rhimportd/ctrlTelnet.go +++ b/src/helsinki.at/rhimportd/ctrlTelnet.go @@ -159,6 +159,38 @@ func (c *TelnetClient) handle_cmd_help(args []string) { } } +func (c *TelnetClient) handle_cmd_set_string(param *string, val string) { + if val == "\"\"" || val == "''" { + *param = "" + } else { + *param = val + } +} + +func (c *TelnetClient) handle_cmd_set_int(param *int, val string) { + if vint, err := strconv.ParseInt(val, 10, 32); err != nil { + c.say("invalid value (must be an integer)") + } else { + *param = int(vint) + } +} + +func (c *TelnetClient) handle_cmd_set_uint(param *uint, val string) { + if vuint, err := strconv.ParseUint(val, 10, 32); err != nil { + c.say("invalid value (must be a positive integer)") + } else { + *param = uint(vuint) + } +} + +func (c *TelnetClient) handle_cmd_set_bool(param *bool, val string) { + if vbool, err := strconv.ParseBool(val); err != nil { + c.say("invalid value (must be true or false)") + } else { + *param = vbool + } +} + func (c *TelnetClient) handle_cmd_set(args []string) { if len(args) != 2 { c.say("wrong number of arguments") @@ -170,83 +202,31 @@ func (c *TelnetClient) handle_cmd_set(args []string) { } switch strings.ToLower(args[0]) { case "username": - if args[1] == "\"\"" || args[1] == "''" { - c.ctx.UserName = "" - } else { - c.ctx.UserName = args[1] - } + c.handle_cmd_set_string(&c.ctx.UserName, args[1]) case "password": - if args[1] == "\"\"" || args[1] == "''" { - c.ctx.Password = "" - } else { - c.ctx.Password = args[1] - } + c.handle_cmd_set_string(&c.ctx.Password, args[1]) case "sourceuri": - if args[1] == "\"\"" || args[1] == "''" { - c.ctx.SourceUri = "" - } else { - c.ctx.SourceUri = args[1] - } + c.handle_cmd_set_string(&c.ctx.SourceUri, args[1]) case "showid": - if id, err := strconv.ParseUint(args[1], 10, 32); err != nil { - c.say("invalid value (must be an positive integer)") - } else { - c.ctx.ShowId = uint(id) - } + c.handle_cmd_set_uint(&c.ctx.ShowId, args[1]) case "clearshowcarts": - if val, err := strconv.ParseBool(args[1]); err != nil { - c.say("invalid value (must be true or false)") - } else { - c.ctx.ClearShowCarts = val - } + c.handle_cmd_set_bool(&c.ctx.ClearShowCarts, args[1]) case "groupname": - if args[1] == "\"\"" || args[1] == "''" { - c.ctx.GroupName = "" - } else { - c.ctx.GroupName = args[1] - } + c.handle_cmd_set_string(&c.ctx.GroupName, args[1]) case "cart": - if cart, err := strconv.ParseUint(args[1], 10, 32); err != nil { - c.say("invalid value (must be an positive integer)") - } else { - c.ctx.Cart = uint(cart) - } + c.handle_cmd_set_uint(&c.ctx.Cart, args[1]) case "clearcart": - if val, err := strconv.ParseBool(args[1]); err != nil { - c.say("invalid value (must be true or false)") - } else { - c.ctx.ClearCart = val - } + c.handle_cmd_set_bool(&c.ctx.ClearCart, args[1]) case "cut": - if cut, err := strconv.ParseUint(args[1], 10, 32); err != nil { - c.say("invalid value (must be an positive integer)") - } else { - c.ctx.Cut = uint(cut) - } + c.handle_cmd_set_uint(&c.ctx.Cut, args[1]) case "channels": - if channels, err := strconv.ParseUint(args[1], 10, 32); err != nil { - c.say("invalid value (must be an positive integer)") - } else { - c.ctx.Channels = uint(channels) - } + c.handle_cmd_set_uint(&c.ctx.Channels, args[1]) case "normalizationlevel": - if normalizationlevel, err := strconv.ParseInt(args[1], 10, 32); err != nil { - c.say("invalid value (must be an positive integer)") - } else { - c.ctx.NormalizationLevel = int(normalizationlevel) - } + c.handle_cmd_set_int(&c.ctx.NormalizationLevel, args[1]) case "autotrimlevel": - if autotrimlevel, err := strconv.ParseInt(args[1], 10, 32); err != nil { - c.say("invalid value (must be an positive integer)") - } else { - c.ctx.AutotrimLevel = int(autotrimlevel) - } + c.handle_cmd_set_int(&c.ctx.AutotrimLevel, args[1]) case "usemetadata": - if val, err := strconv.ParseBool(args[1]); err != nil { - c.say("invalid value (must be true or false)") - } else { - c.ctx.UseMetaData = val - } + c.handle_cmd_set_bool(&c.ctx.UseMetaData, args[1]) default: c.say("unknown parameter, use 'help set' for a list of available parameters") } -- cgit v0.10.2