From b07cca0bb59300fe193015f1a8361448af72d05b Mon Sep 17 00:00:00 2001 From: dec05eba Date: Sun, 27 Sep 2020 09:46:29 +0200 Subject: Validate json type after parsing --- src/plugins/Fourchan.cpp | 9 +++++++++ src/plugins/Mangadex.cpp | 6 ++++++ src/plugins/Matrix.cpp | 9 ++++++--- 3 files changed, 21 insertions(+), 3 deletions(-) (limited to 'src/plugins') diff --git a/src/plugins/Fourchan.cpp b/src/plugins/Fourchan.cpp index a70070e..5da2961 100644 --- a/src/plugins/Fourchan.cpp +++ b/src/plugins/Fourchan.cpp @@ -93,6 +93,9 @@ namespace QuickMedia { return PluginResult::ERR; } + if(!json_root.isObject()) + return PluginResult::ERR; + const Json::Value &boards = json_root["boards"]; if(boards.isArray()) { for(const Json::Value &board : boards) { @@ -412,6 +415,9 @@ namespace QuickMedia { return PluginResult::ERR; } + if(!json_root.isObject()) + return PluginResult::ERR; + std::unordered_map comment_by_postno; const Json::Value &posts = json_root["posts"]; @@ -632,6 +638,9 @@ namespace QuickMedia { return PluginResult::ERR; } + if(!json_root.isObject()) + return PluginResult::ERR; + const Json::Value &status_json = json_root["status"]; if(!status_json.isNumeric()) return PluginResult::ERR; diff --git a/src/plugins/Mangadex.cpp b/src/plugins/Mangadex.cpp index 6a8f8a7..fcbd23e 100644 --- a/src/plugins/Mangadex.cpp +++ b/src/plugins/Mangadex.cpp @@ -52,6 +52,9 @@ namespace QuickMedia { return SearchResult::ERR; } + if(!json_root.isObject()) + return SearchResult::ERR; + Json::Value &status_json = json_root["status"]; if(!status_json.isString() || status_json.asString() != "OK") return SearchResult::ERR; @@ -287,6 +290,9 @@ namespace QuickMedia { return ImageResult::ERR; } + if(!json_root.isObject()) + return ImageResult::ERR; + Json::Value &status_json = json_root["status"]; if(!status_json.isString() || status_json.asString() != "OK") return ImageResult::ERR; diff --git a/src/plugins/Matrix.cpp b/src/plugins/Matrix.cpp index 71e451d..3ce6ffd 100644 --- a/src/plugins/Matrix.cpp +++ b/src/plugins/Matrix.cpp @@ -572,7 +572,7 @@ namespace QuickMedia { { "-H", "Authorization: Bearer " + access_token } }; - std::string filter = url_param_encode(Json::writeString(builder, request_data)); + std::string filter = url_param_encode(Json::writeString(builder, std::move(request_data))); char url[512]; snprintf(url, sizeof(url), "%s/_matrix/client/r0/rooms/%s/messages?from=%s&limit=20&dir=b&filter=%s", homeserver.c_str(), room_id.c_str(), from.c_str(), filter.c_str()); @@ -704,7 +704,7 @@ namespace QuickMedia { { "-X", "PUT" }, { "-H", "content-type: application/json" }, { "-H", "Authorization: Bearer " + access_token }, - { "--data-binary", Json::writeString(builder, request_data) } + { "--data-binary", Json::writeString(builder, std::move(request_data)) } }; char request_url[512]; @@ -874,7 +874,7 @@ namespace QuickMedia { std::vector additional_args = { { "-X", "POST" }, { "-H", "content-type: application/json" }, - { "--data-binary", Json::writeString(builder, request_data) } + { "--data-binary", Json::writeString(builder, std::move(request_data)) } }; std::string server_response; @@ -956,6 +956,9 @@ namespace QuickMedia { return PluginResult::ERR; } + if(!json_root.isObject()) + return PluginResult::ERR; + const Json::Value &user_id_json = json_root["user_id"]; if(!user_id_json.isString()) { fprintf(stderr, "Failed to parse matrix cached session response\n"); -- cgit v1.2.3