>> We probably don't need to go as far as parsing the JSON query to ensure
>> that '%x' substitutions happen only in values and not in keys...
>
> I think it would be preferable to do this, as it catches human error that
> would result in an insecure system. One just needs to ensure that
> keys never have a % that is not followed by another %. JSON syntax rules
> mean that a % cannot appear anywhere else.

This is not too hard to do if you guys think it would make for a safer
implementation.

Maybe something like this can be added at line 409 (before query_string
expansion):

    bson_iter_t iter;
    const char *key = NULL;

    /* Parse the configured filter so that its keys can be inspected. */
    query = bson_new_from_json(dict_mongodb->query_filter, -1, &error);
    if (!query) {
        msg_warn("%s:%s: failed to create a query from '%s' : %s",
                 dict_mongodb->dict.type, dict_mongodb->dict.name,
                 vstring_str(dict_mongodb->query_filter), error.message);
        DICT_MONGODB_LOOKUP_ERR_RETURN(DICT_ERR_RETRY);
    }
    /* Reject any top-level key that contains a '%'. */
    if (bson_iter_init(&iter, query)) {
        while (bson_iter_next(&iter)) {
            key = bson_iter_key(&iter);
            if (strchr(key, '%')) {
                /* msg_warn, not msg_panic: msg_panic does not return, so the
                 * cleanup and error return below would never run. */
                msg_warn("keys in query can not have %% expansions!");
                bson_destroy(query);
                DICT_MONGODB_LOOKUP_ERR_RETURN(DICT_ERR_RETRY);
            }
        }
    }
    bson_destroy(query);

This code doesn't take into account arrays in query right now. If need be, we
can create a function to check keys and iterate arrays as well (for example,
the $or operator has an array of objects as operand, each object has its own
keys).

By the way, I have run all the tests I originally ran on my code, and they all
passed with the code from
https://github.com/wietse-postfix/postfix-dukhovni/tree/mongodb

Regards
Hamid Maadani
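
The key check discussed above, extended to keys nested inside arrays such as `$or` operands, as an added example that is not part of the original message or of the Postfix code: instead of walking parsed BSON with libbson, it scans the raw JSON template text and treats a string as a key when the next non-blank character is `:`. The function names and the sample templates are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>

/* Return 1 if the string body [s, end) has a '%' that is not part of "%%". */
static int has_lone_percent(const char *s, const char *end)
{
    for (; s < end; s++) {
        if (*s != '%')
            continue;
        if (s + 1 < end && s[1] == '%')
            s++;                        /* "%%" is a literal percent */
        else
            return 1;
    }
    return 0;
}

/*
 * Scan a JSON query template (hypothetical helper, not a Postfix function).
 * Returns 1 if any object key, at any nesting depth, contains a lone '%',
 * 0 if no key does, and -1 if a string is left unterminated.
 */
int query_keys_have_expansion(const char *json)
{
    const char *p = json;

    while (*p) {
        if (*p != '"') { p++; continue; }
        const char *start = ++p;        /* first byte of the string body */
        while (*p && *p != '"') {
            if (*p == '\\' && p[1])
                p++;                    /* step over the escaped byte */
            p++;
        }
        if (*p != '"')
            return -1;                  /* ran off the end of the input */
        const char *end = p++;          /* closing quote */
        while (isspace((unsigned char) *p))
            p++;
        /* In JSON only an object key is followed by ':'. */
        if (*p == ':' && has_lone_percent(start, end))
            return 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample: the offending key sits inside a $or array. */
    const char *bad = "{\"$or\": [{\"mail\": \"%s\"}, {\"%u\": \"x\"}]}";
    printf("nested key with expansion: %d\n", query_keys_have_expansion(bad));
    return 0;
}
```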