Commit 418850b2 authored by Sergei Golubchik's avatar Sergei Golubchik

MDEV-23884 donor uses invalid SST methods

parent c0ac310e
...@@ -1667,24 +1667,65 @@ static int sst_donate_other (const char* method, ...@@ -1667,24 +1667,65 @@ static int sst_donate_other (const char* method,
return arg.err; return arg.err;
} }
/* return true if character can be a part of a filename */
static bool filename_char(int const c)
{
return isalnum(c) || (c == '-') || (c == '_') || (c == '.');
}
/* return true if character can be a part of an address string */
static bool address_char(int const c)
{
return filename_char(c) ||
(c == ':') || (c == '[') || (c == ']') || (c == '/');
}
static bool check_request_str(const char* const str,
bool (*check) (int c))
{
for (size_t i(0); str[i] != '\0'; ++i)
{
if (!check(str[i]))
{
WSREP_WARN("Illegal character in state transfer request: %i (%c).",
str[i], str[i]);
return true;
}
}
return false;
}
wsrep_cb_status_t wsrep_sst_donate_cb (void* app_ctx, void* recv_ctx, wsrep_cb_status_t wsrep_sst_donate_cb (void* app_ctx, void* recv_ctx,
const void* msg, size_t msg_len, const void* msg, size_t msg_len,
const wsrep_gtid_t* current_gtid, const wsrep_gtid_t* current_gtid,
const char* state, size_t state_len, const char* state, size_t state_len,
bool bypass) bool bypass)
{ {
/* This will be reset when sync callback is called.
* Should we set wsrep_ready to FALSE here too? */
wsrep_config_state.set(WSREP_MEMBER_DONOR);
const char* method = (char*)msg; const char* method = (char*)msg;
size_t method_len = strlen (method); size_t method_len = strlen (method);
if (check_request_str(method, filename_char))
{
WSREP_ERROR("Bad SST method name. SST canceled.");
return WSREP_CB_FAILURE;
}
const char* data = method + method_len + 1; const char* data = method + method_len + 1;
if (check_request_str(data, address_char))
{
WSREP_ERROR("Bad SST address string. SST canceled.");
return WSREP_CB_FAILURE;
}
char uuid_str[37]; char uuid_str[37];
wsrep_uuid_print (&current_gtid->uuid, uuid_str, sizeof(uuid_str)); wsrep_uuid_print (&current_gtid->uuid, uuid_str, sizeof(uuid_str));
/* This will be reset when sync callback is called.
* Should we set wsrep_ready to FALSE here too? */
wsrep_config_state.set(WSREP_MEMBER_DONOR);
wsp::env env(NULL); wsp::env env(NULL);
if (env.error()) if (env.error())
{ {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment