aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAnders Svensson <[email protected]>2015-03-26 12:52:04 +0100
committerAnders Svensson <[email protected]>2015-03-27 07:21:27 +0100
commit7edb0dd681b09df8865855eda1150e4a92b54a0a (patch)
treef5d7d062568fa6c94fcf9d33230b7e38acd1e7ee
parentf3e95a4d4278fda5a0648943020bdf0026219f7c (diff)
downloadotp-7edb0dd681b09df8865855eda1150e4a92b54a0a.tar.gz
otp-7edb0dd681b09df8865855eda1150e4a92b54a0a.tar.bz2
otp-7edb0dd681b09df8865855eda1150e4a92b54a0a.zip
Limit FQDN in DiameterURI to 255 octets
As for the port number in the parent commit, a FQDN can't be arbitrarily long, at most 255 octets. Make decode fail if it's more.
-rw-r--r--lib/diameter/doc/src/diameter_dict.xml2
-rw-r--r--lib/diameter/src/base/diameter_types.erl17
-rw-r--r--lib/diameter/test/diameter_codec_test.erl4
3 files changed, 10 insertions, 13 deletions
diff --git a/lib/diameter/doc/src/diameter_dict.xml b/lib/diameter/doc/src/diameter_dict.xml
index 9db9bcffde..5cf1b174a0 100644
--- a/lib/diameter/doc/src/diameter_dict.xml
+++ b/lib/diameter/doc/src/diameter_dict.xml
@@ -529,7 +529,7 @@ answer record and passed to a &app_handle_request;
callback upon reception of an incoming request.</p>
<p>
-In cases in which there is a choice between list() and binary() types
+In cases in which there is a choice between string() and binary() types
for OctetString() and derived types, the representation is determined
by the value of &mod_string_decode;.</p>
diff --git a/lib/diameter/src/base/diameter_types.erl b/lib/diameter/src/base/diameter_types.erl
index 96407efc09..87a0f0663d 100644
--- a/lib/diameter/src/base/diameter_types.erl
+++ b/lib/diameter/src/base/diameter_types.erl
@@ -93,7 +93,7 @@
case diameter_codec:getopt(string_decode) of
true ->
binary_to_list(Bin);
- _ ->
+ false ->
Bin
end;
@@ -565,7 +565,7 @@ msb(false) -> ?TIME_2036.
scan_uri(Bin) ->
RE = "^(aaas?)://"
- "([-a-zA-Z0-9.]+)"
+ "([-a-zA-Z0-9.]{1,255})"
"(:0{0,5}([0-9]{1,5}))?"
"(;transport=(tcp|sctp|udp))?"
"(;protocol=(diameter|radius|tacacs\\+))?$",
@@ -575,6 +575,9 @@ scan_uri(Bin) ->
%% [0-9]+ and it's not inconceivable that a value might be padded.
%% Don't fantasize about this padding being more than the number
%% of digits in the port number proper.
+ %%
+ %% Similarly, a FQDN can't be arbitrarily long: at most 255
+ %% octets.
{match, [A, DN, PN, T, P]} = re:run(Bin,
RE,
[{capture, [1,2,4,6,8], binary}]),
@@ -583,7 +586,7 @@ scan_uri(Bin) ->
PortNr = to_int(PN, PN0),
0 = PortNr bsr 16, %% assert
#diameter_uri{type = Type,
- fqdn = from_bin(DN),
+ fqdn = 'OctetString'(decode, DN),
port = PortNr,
transport = to_atom(T, T0),
protocol = to_atom(P, diameter)}.
@@ -596,14 +599,6 @@ defaults(6733, aaa) ->
defaults(6733, aaas) ->
{5658, tcp}.
-from_bin(B) ->
- case diameter_codec:getopt(string_decode) of
- true ->
- binary_to_list(B);
- false ->
- B
- end.
-
to_int(<<>>, N) ->
N;
to_int(B, _) ->
diff --git a/lib/diameter/test/diameter_codec_test.erl b/lib/diameter/test/diameter_codec_test.erl
index 11fa82cfa1..5f1dbfbd61 100644
--- a/lib/diameter/test/diameter_codec_test.erl
+++ b/lib/diameter/test/diameter_codec_test.erl
@@ -358,11 +358,13 @@ values('DiameterURI') ->
Pr <- ["" | [";protocol=" ++ X
|| X <- ["diameter","radius","tacacs+"]]],
Tr /= ";transport=udp"
- orelse (Pr /= ";protocol=diameter" andalso Pr /= "")],
+ orelse (Pr /= ";protocol=diameter" andalso Pr /= "")]
+ ++ ["aaa://" ++ lists:duplicate(255, $x)],
["aaa://diameter.se:65536",
"aaa://diameter.se:-1",
"aaa://diameter.se;transport=udp;protocol=diameter",
"aaa://diameter.se;transport=udp",
+ "aaa://" ++ lists:duplicate(256, $x),
"aaa://:3868",
"aaax://diameter.se",
"aaa://diameter.se;transport=tcpx",