Fix Denial of Service when user sends malformed publish stanza (thanks to Oleg Smirnov) (EJAB-1498)
parent
9f4ae07100
commit
d5b4d67858
@ -2108,8 +2108,10 @@ publish_item(Host, ServerHost, Node, Publisher, ItemId, Payload) ->
|
||||
case lists:member("auto-create", features(Type)) of
|
||||
true ->
|
||||
case create_node(Host, ServerHost, Node, Publisher, Type) of
|
||||
{result, _} ->
|
||||
publish_item(Host, ServerHost, Node, Publisher, ItemId, Payload);
|
||||
{result, [{xmlelement, "pubsub", [{"xmlns", ?NS_PUBSUB}],
|
||||
[{xmlelement, "create", [{"node", NewNode}], []}]}]} ->
|
||||
publish_item(Host, ServerHost, list_to_binary(NewNode),
|
||||
Publisher, ItemId, Payload);
|
||||
_ ->
|
||||
{error, ?ERR_ITEM_NOT_FOUND}
|
||||
end;
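Review bot: The retry in the new `{result, [{xmlelement, "pubsub", ...}]}` branch is still an unbounded recursive call to `publish_item/6`, so termination depends on `NewNode` resolving on the second pass, and nothing in the hunk records that. The old `{result, _}` branch apparently retried with the caller-supplied `Node`, which seems to be what EJAB-1498 turned into a denial of service, so a comment above the branch would keep a later edit from widening the match again, for example `%% Retry with the node name create_node returned, never with Node: retrying with the original name can recurse without end (EJAB-1498).` The strict pattern also means a successful create whose reply carries any other attribute or child falls through to `_ -> {error, ?ERR_ITEM_NOT_FOUND}` after the node already exists, which is worth confirming against what `create_node/5` actually returns. The same points apply to the identical hunk at `-1921,8 +1921,10`; the enclosing `publish_item` clause starts and ends outside both hunks.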
|
||||
|
@ -1921,8 +1921,10 @@ publish_item(Host, ServerHost, Node, Publisher, ItemId, Payload) ->
|
||||
case lists:member("auto-create", features(Type)) of
|
||||
true ->
|
||||
case create_node(Host, ServerHost, Node, Publisher, Type) of
|
||||
{result, _} ->
|
||||
publish_item(Host, ServerHost, Node, Publisher, ItemId, Payload);
|
||||
{result, [{xmlelement, "pubsub", [{"xmlns", ?NS_PUBSUB}],
|
||||
[{xmlelement, "create", [{"node", NewNode}], []}]}]} ->
|
||||
publish_item(Host, ServerHost, list_to_binary(NewNode),
|
||||
Publisher, ItemId, Payload);
|
||||
_ ->
|
||||
{error, ?ERR_ITEM_NOT_FOUND}
|
||||
end;
|
||||
|
@ -1,5 +1,5 @@
|
||||
--- mod_pubsub.erl 2011-08-31 16:08:42.000000000 +0200
|
||||
+++ mod_pubsub_odbc.erl 2011-08-31 16:08:42.000000000 +0200
|
||||
--- mod_pubsub.erl 2011-09-21 14:37:16.000000000 +0200
|
||||
+++ mod_pubsub_odbc.erl 2011-09-21 14:37:36.000000000 +0200
|
||||
@@ -42,7 +42,7 @@
|
||||
%%% 6.2.3.1, 6.2.3.5, and 6.3. For information on subscription leases see
|
||||
%%% XEP-0060 section 12.18.
|
||||
@ -554,7 +554,7 @@
|
||||
case Result of
|
||||
default -> {result, Reply};
|
||||
_ -> {result, Result}
|
||||
@@ -2241,7 +2054,7 @@
|
||||
@@ -2243,7 +2056,7 @@
|
||||
%% <p>The permission are not checked in this function.</p>
|
||||
%% @todo We probably need to check that the user doing the query has the right
|
||||
%% to read the items.
|
||||
@ -563,7 +563,7 @@
|
||||
MaxItems =
|
||||
if
|
||||
SMaxItems == "" -> get_max_items_node(Host);
|
||||
@@ -2255,12 +2068,13 @@
|
||||
@@ -2257,12 +2070,13 @@
|
||||
{error, Error} ->
|
||||
{error, Error};
|
||||
_ ->
|
||||
@ -578,7 +578,7 @@
|
||||
{PresenceSubscription, RosterGroup} = get_presence_and_roster_permissions(Host, From, Owners, AccessModel, AllowedGroups),
|
||||
if
|
||||
not RetreiveFeature ->
|
||||
@@ -2273,11 +2087,11 @@
|
||||
@@ -2275,11 +2089,11 @@
|
||||
node_call(Type, get_items,
|
||||
[NodeId, From,
|
||||
AccessModel, PresenceSubscription, RosterGroup,
|
||||
@ -592,7 +592,7 @@
|
||||
SendItems = case ItemIDs of
|
||||
[] ->
|
||||
Items;
|
||||
@@ -2290,7 +2104,8 @@
|
||||
@@ -2292,7 +2106,8 @@
|
||||
%% number of items sent to MaxItems:
|
||||
{result, [{xmlelement, "pubsub", [{"xmlns", ?NS_PUBSUB}],
|
||||
[{xmlelement, "items", nodeAttr(Node),
|
||||
@ -602,7 +602,7 @@
|
||||
Error ->
|
||||
Error
|
||||
end
|
||||
@@ -2312,10 +2127,15 @@
|
||||
@@ -2314,10 +2129,15 @@
|
||||
Error -> Error
|
||||
end.
|
||||
get_allowed_items_call(Host, NodeIdx, From, Type, Options, Owners) ->
|
||||
@ -619,7 +619,7 @@
|
||||
|
||||
|
||||
%% @spec (Host, Node, NodeId, Type, LJID, Number) -> any()
|
||||
@@ -2327,31 +2147,29 @@
|
||||
@@ -2329,31 +2149,29 @@
|
||||
%% Number = last | integer()
|
||||
%% @doc <p>Resend the items of a node to the user.</p>
|
||||
%% @todo use cache-last-item feature
|
||||
@ -670,7 +670,7 @@
|
||||
ToSend = case node_action(Host, Type, get_items, [NodeId, LJID]) of
|
||||
{result, []} ->
|
||||
[];
|
||||
@@ -2374,20 +2192,7 @@
|
||||
@@ -2376,20 +2194,7 @@
|
||||
[{xmlelement, "items", nodeAttr(Node),
|
||||
itemsEls(ToSend)}])
|
||||
end,
|
||||
@ -692,7 +692,7 @@
|
||||
|
||||
%% @spec (Host, JID, Plugins) -> {error, Reason} | {result, Response}
|
||||
%% Host = host()
|
||||
@@ -2489,7 +2294,8 @@
|
||||
@@ -2491,7 +2296,8 @@
|
||||
error ->
|
||||
{error, ?ERR_BAD_REQUEST};
|
||||
_ ->
|
||||
@ -702,7 +702,7 @@
|
||||
case lists:member(Owner, Owners) of
|
||||
true ->
|
||||
OwnerJID = jlib:make_jid(Owner),
|
||||
@@ -2499,24 +2305,7 @@
|
||||
@@ -2501,24 +2307,7 @@
|
||||
end,
|
||||
lists:foreach(
|
||||
fun({JID, Affiliation}) ->
|
||||
@ -728,7 +728,7 @@
|
||||
end, FilteredEntities),
|
||||
{result, []};
|
||||
_ ->
|
||||
@@ -2569,11 +2358,11 @@
|
||||
@@ -2571,11 +2360,11 @@
|
||||
end.
|
||||
|
||||
read_sub(Subscriber, Node, NodeID, SubID, Lang) ->
|
||||
@ -742,7 +742,7 @@
|
||||
OptionsEl = {xmlelement, "options", [{"jid", jlib:jid_to_string(Subscriber)},
|
||||
{"subid", SubID}|nodeAttr(Node)],
|
||||
[XdataEl]},
|
||||
@@ -2599,7 +2388,7 @@
|
||||
@@ -2601,7 +2390,7 @@
|
||||
end.
|
||||
|
||||
set_options_helper(Configuration, JID, NodeID, SubID, Type) ->
|
||||
@ -751,7 +751,7 @@
|
||||
{result, GoodSubOpts} -> GoodSubOpts;
|
||||
_ -> invalid
|
||||
end,
|
||||
@@ -2628,7 +2417,7 @@
|
||||
@@ -2630,7 +2419,7 @@
|
||||
write_sub(_Subscriber, _NodeID, _SubID, invalid) ->
|
||||
{error, extended_error(?ERR_BAD_REQUEST, "invalid-options")};
|
||||
write_sub(Subscriber, NodeID, SubID, Options) ->
|
||||
@ -760,7 +760,7 @@
|
||||
{error, notfound} ->
|
||||
{error, extended_error(?ERR_NOT_ACCEPTABLE, "invalid-subid")};
|
||||
{result, _} ->
|
||||
@@ -2796,8 +2585,8 @@
|
||||
@@ -2798,8 +2587,8 @@
|
||||
{"subscription", subscription_to_string(Sub)} | nodeAttr(Node)], []}]}]},
|
||||
ejabberd_router:route(service_jid(Host), jlib:make_jid(JID), Stanza)
|
||||
end,
|
||||
@ -771,7 +771,7 @@
|
||||
true ->
|
||||
Result = lists:foldl(fun({JID, Subscription, SubId}, Acc) ->
|
||||
|
||||
@@ -3152,7 +2941,7 @@
|
||||
@@ -3154,7 +2943,7 @@
|
||||
{Depth, [{N, get_node_subs(N)} || N <- Nodes]}
|
||||
end, tree_call(Host, get_parentnodes_tree, [Host, Node, service_jid(Host)]))}
|
||||
end,
|
||||
@ -780,7 +780,7 @@
|
||||
{result, CollSubs} -> CollSubs;
|
||||
_ -> []
|
||||
end.
|
||||
@@ -3166,9 +2955,9 @@
|
||||
@@ -3168,9 +2957,9 @@
|
||||
|
||||
get_options_for_subs(NodeID, Subs) ->
|
||||
lists:foldl(fun({JID, subscribed, SubID}, Acc) ->
|
||||
@ -792,7 +792,7 @@
|
||||
_ -> Acc
|
||||
end;
|
||||
(_, Acc) ->
|
||||
@@ -3357,6 +3146,30 @@
|
||||
@@ -3359,6 +3148,30 @@
|
||||
Result
|
||||
end.
|
||||
|
||||
@ -823,7 +823,7 @@
|
||||
%% @spec (Host, Options) -> MaxItems
|
||||
%% Host = host()
|
||||
%% Options = [Option]
|
||||
@@ -3753,7 +3566,13 @@
|
||||
@@ -3755,7 +3568,13 @@
|
||||
tree_action(Host, Function, Args) ->
|
||||
?DEBUG("tree_action ~p ~p ~p",[Host,Function,Args]),
|
||||
Fun = fun() -> tree_call(Host, Function, Args) end,
|
||||
@ -838,7 +838,7 @@
|
||||
|
||||
%% @doc <p>node plugin call.</p>
|
||||
node_call(Type, Function, Args) ->
|
||||
@@ -3773,13 +3592,13 @@
|
||||
@@ -3775,13 +3594,13 @@
|
||||
|
||||
node_action(Host, Type, Function, Args) ->
|
||||
?DEBUG("node_action ~p ~p ~p ~p",[Host,Type,Function,Args]),
|
||||
@ -854,7 +854,7 @@
|
||||
case tree_call(Host, get_node, [Host, Node]) of
|
||||
N when is_record(N, pubsub_node) ->
|
||||
case Action(N) of
|
||||
@@ -3791,13 +3610,19 @@
|
||||
@@ -3793,13 +3612,19 @@
|
||||
Error
|
||||
end
|
||||
end, Trans).
|
||||
@ -878,7 +878,7 @@
|
||||
{result, Result} -> {result, Result};
|
||||
{error, Error} -> {error, Error};
|
||||
{atomic, {result, Result}} -> {result, Result};
|
||||
@@ -3805,6 +3630,15 @@
|
||||
@@ -3807,6 +3632,15 @@
|
||||
{aborted, Reason} ->
|
||||
?ERROR_MSG("transaction return internal error: ~p~n", [{aborted, Reason}]),
|
||||
{error, ?ERR_INTERNAL_SERVER_ERROR};
|
||||
@ -894,7 +894,7 @@
|
||||
{'EXIT', Reason} ->
|
||||
?ERROR_MSG("transaction return internal error: ~p~n", [{'EXIT', Reason}]),
|
||||
{error, ?ERR_INTERNAL_SERVER_ERROR};
|
||||
@@ -3813,6 +3647,17 @@
|
||||
@@ -3815,6 +3649,17 @@
|
||||
{error, ?ERR_INTERNAL_SERVER_ERROR}
|
||||
end.
|
||||
|
||||
|