commit 097435fca7e52b7f6c9d7f26c8e247366e4e3ef5
author Patrick Venture <venture@google.com> Thu Aug 15 07:39:48 2019 -0700
committer Patrick Venture <venture@google.com> Thu Aug 15 09:59:31 2019 -0700
tree c3517bf067e741dcc3ceed8c2a8fd88ae256d092
parent 69abbc6a6a483061e40e2dc68511dbf424a3b96a

bmc: require blob ids to start with /flash/

Signed-off-by: Patrick Venture <venture@google.com>
Change-Id: Ib6a0db91d4e2ecd7e7cc3c51ddc1953d9fd8da3c

bmc/buildjson.cpp

diff --git a/bmc/buildjson.cpp b/bmc/buildjson.cpp
index 6f9c319..19a08a1 100644
--- a/bmc/buildjson.cpp
+++ b/bmc/buildjson.cpp
@@ -27,6 +27,7 @@
 #include <fstream>
 #include <nlohmann/json.hpp>
 #include <phosphor-logging/log.hpp>
+#include <regex>
 #include <sdbusplus/bus.hpp>
 #include <string>
 #include <vector>
@@ -66,6 +67,14 @@
             /* at() throws an exception when the key is not present. */
             item.at("blob").get_to(output.blobId);
 
+            /* name must be: /flash/... */
+            if (!std::regex_match(output.blobId, std::regex("^\\/flash\\/.+")))
+            {
+                throw std::runtime_error("Invalid blob name: '" +
+                                         output.blobId +
+                                         "' must start with /flash/");
+            }
+
             /* handler is required. */
             const auto& h = item.at("handler");
             const std::string handlerType = h.at("type");