[open-ils-commits] r12046 - trunk/Open-ILS/src/c-apps
svn at svn.open-ils.org
svn at svn.open-ils.org
Tue Feb 3 12:53:50 EST 2009
Author: scottmk
Date: 2009-02-03 12:53:48 -0500 (Tue, 03 Feb 2009)
New Revision: 12046
Modified:
trunk/Open-ILS/src/c-apps/oils_cstore.c
Log:
Added a couple of sanity checks to SELECT(). Return NULL if
(1) the input jsonObject for the join tree is neither a hash,
nor an array, nor a string; or (2) it's a hash with more than
one element.
Modified: trunk/Open-ILS/src/c-apps/oils_cstore.c
===================================================================
--- trunk/Open-ILS/src/c-apps/oils_cstore.c 2009-02-03 17:33:51 UTC (rev 12045)
+++ trunk/Open-ILS/src/c-apps/oils_cstore.c 2009-02-03 17:53:48 UTC (rev 12046)
@@ -2353,9 +2353,15 @@
core_class = strdup( tmp_itr->key );
join_hash = snode;
+
+ jsonObject* extra = jsonIteratorNext( tmp_itr );
jsonIteratorFree( tmp_itr );
snode = NULL;
+
+ // There shouldn't be more than one entry in join_hash
+ if( extra )
+ return NULL; // Malformed join_hash; extra entry
} else if (join_hash->type == JSON_ARRAY) {
from_function = 1;
@@ -2365,6 +2371,8 @@
core_class = jsonObjectToSimpleString( join_hash );
join_hash = NULL;
}
+ else
+ return NULL;
// punt if we don't know about the core class (and it's not a function)
if (!from_function && !(core_meta = osrfHashGet( oilsIDL(), core_class ))) {
More information about the open-ils-commits
mailing list