Fix nlohmann::json::dump calls
The nlohmann::json::dump call needs to be called with specific arguments
to avoid throwing in failure cases. http connection already does this
properly, but a bunch of code has snuck in (mostly in redfish) that
ignores this, and calls it incorrectly. This can potentially lead to a
crash if the wrong thing throws on invalid UTF8 characters.
This audits the whole codebase, and replaces every dump() call with the
correct dump(2, ' ', true, nlohmann::json::error_handler_t::replace)
call. For correct output, the callers should expect no change, and in
practice, this would require injecting non-utf8 characters into the
BMC.
Tested:
Ran several of the endpoints/error conditions in question, including
some of the error cases. Observed correct responses. I don't know of a
security issue that would allow injecting invalid utf8 into the BMC, but
in theory if it were possible, this would prevent a crash.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I4a15b8e260e3db129bc20484ade4ed5449f75ad0
diff --git a/redfish-core/lib/ethernet.hpp b/redfish-core/lib/ethernet.hpp
index 159eda2..4dfef0f 100644
--- a/redfish-core/lib/ethernet.hpp
+++ b/redfish-core/lib/ethernet.hpp
@@ -1403,8 +1403,11 @@
{
if ((!input.is_array()) || input.empty())
{
- messages::propertyValueTypeError(asyncResp->res, input.dump(),
- "IPv4StaticAddresses");
+ messages::propertyValueTypeError(
+ asyncResp->res,
+ input.dump(2, ' ', true,
+ nlohmann::json::error_handler_t::replace),
+ "IPv4StaticAddresses");
return;
}
@@ -1432,7 +1435,10 @@
"Gateway", gateway))
{
messages::propertyValueFormatError(
- asyncResp->res, thisJson.dump(), pathString);
+ asyncResp->res,
+ thisJson.dump(2, ' ', true,
+ nlohmann::json::error_handler_t::replace),
+ pathString);
return;
}
@@ -1552,7 +1558,10 @@
return;
}
messages::propertyValueFormatError(
- asyncResp->res, thisJson.dump(), pathString);
+ asyncResp->res,
+ thisJson.dump(2, ' ', true,
+ nlohmann::json::error_handler_t::replace),
+ pathString);
return;
}
@@ -1598,8 +1607,11 @@
{
if (!input.is_array() || input.empty())
{
- messages::propertyValueTypeError(asyncResp->res, input.dump(),
- "IPv6StaticAddresses");
+ messages::propertyValueTypeError(
+ asyncResp->res,
+ input.dump(2, ' ', true,
+ nlohmann::json::error_handler_t::replace),
+ "IPv6StaticAddresses");
return;
}
size_t entryIdx = 1;
@@ -1620,7 +1632,10 @@
prefixLength))
{
messages::propertyValueFormatError(
- asyncResp->res, thisJson.dump(), pathString);
+ asyncResp->res,
+ thisJson.dump(2, ' ', true,
+ nlohmann::json::error_handler_t::replace),
+ pathString);
return;
}
@@ -1687,7 +1702,10 @@
return;
}
messages::propertyValueFormatError(
- asyncResp->res, thisJson.dump(), pathString);
+ asyncResp->res,
+ thisJson.dump(2, ' ', true,
+ nlohmann::json::error_handler_t::replace),
+ pathString);
return;
}