Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp3265910pxb;
        Fri, 12 Feb 2021 13:45:37 -0800 (PST)
X-Google-Smtp-Source: ABdhPJxaRdFvaD4/Gb+T8CjYovDkvBQrVIvQlo9/yGqUaTC8ih1e4BeF5UqVR8fkLVurKGxNPYPz
X-Received: by 2002:a05:6402:5107:: with SMTP id m7mr5401194edd.52.1613166336843;
        Fri, 12 Feb 2021 13:45:36 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1613166336; cv=none;
        d=google.com; s=arc-20160816;
        b=rB/zYm2nDAePPQLtrTEqOR4I9sqxrmnafcMNYcRIGq2Ojcz2am9nTOJt1483nT+mKN
         zcDCffAGHDRqtp+J/0erS93+xcDeE3kaumX2yf76yABA+IA+Vrhclo/AwGCzcSvjTkLk
         InBsT38mMF/qh59jXsbfwDan/q239Dr4OpcLtK5OmDKOLkC1JVsH5f1tk0jD5eE1EnPt
         esqYvsdmx0x5HAnqFVcrevdAFGylvd+DTHmV5KaBQ2UIKpetbZj4QEzEaY1P2W17/ZMG
         BdtN+Smi+7lNQaazz4rruioxqWJXcM6D0UZMuJZzBnYUdQZ0nxTYh4BImZNtpwYwAJpE
         NbAA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :ironport-sdr:ironport-sdr;
        bh=cXHJIsgolYwep3jQwOHsbkvQyur+8LBhdHEmao5uUoE=;
        b=CWCYNy9KROlHZCDsga/x2RtQUHMslNg1bb9nvIYUFTxk6DUF3cYlWRJ0KCPEKd8zWv
         Rz0whd5aLCsvDfHTUYqwgDdJaSlrU2VCQyT24cCWS/kiMNQyrKl2Zy21kazOdJtwfIa9
         lQcjuNYUDO+fu8I0iGQwL5PAczqVBge/Y4k0+ZAjPplA+Tm53eJElCEpFybygL4Bfs60
         SEjgU7mn/J6foCeYCSDPPu8JSI9YVeyddE0qI4fZrg3jxUPE8Ac8a7rG8kizzkVPi8+V
         m6dGw94QrqGdjwe0yQEjpWlvs5dwmPm9QOkobcNll9fPY/TaurYFXXifjfZhgYZpadnd
         K2Ng==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-bluetooth-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id ci1si7059253ejc.348.2021.02.12.13.44.56;
        Fri, 12 Feb 2021 13:45:36 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-bluetooth-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231175AbhBLVni (ORCPT <rfc822;maitysanchayan@gmail.com>
        + 99 others); Fri, 12 Feb 2021 16:43:38 -0500
Received: from mga06.intel.com ([134.134.136.31]:54934 "EHLO mga06.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S229497AbhBLVnh (ORCPT <rfc822;linux-bluetooth@vger.kernel.org>);
        Fri, 12 Feb 2021 16:43:37 -0500
IronPort-SDR: i+lfiDj45kL81G/e4m8HvMaKRwFwx3B0gqWitSF8o9AnVOqiQqW7eM1kfqH4p9OzbPXBdQT8qV
 tQb9+tD/foyg==
X-IronPort-AV: E=McAfee;i="6000,8403,9893"; a="243967600"
X-IronPort-AV: E=Sophos;i="5.81,174,1610438400"; 
   d="scan'208";a="243967600"
Received: from fmsmga004.fm.intel.com ([10.253.24.48])
  by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Feb 2021 13:42:54 -0800
IronPort-SDR: LA9pWhiVXV/LplR36mcgrrd02EAxua3hrBJXzISF8mrAQRZHyTESTKT+MXvuLTgN00xVZEtRhC
 9U+y+XZqy9Cw==
X-IronPort-AV: E=Sophos;i="5.81,174,1610438400"; 
   d="scan'208";a="416116345"
Received: from dmoore1-mobl2.amr.corp.intel.com (HELO istotlan-desk.intel.com) ([10.209.2.150])
  by fmsmga004-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Feb 2021 13:42:54 -0800
From:   Inga Stotland <inga.stotland@intel.com>
To:     linux-bluetooth@vger.kernel.org
Cc:     brian.gix@intel.com, michal.lowas-rzechonek@silvair.com,
        Inga Stotland <inga.stotland@intel.com>
Subject: [PATCH BlueZ v2 2/4] mesh: Add validation of Device UUID value
Date:   Fri, 12 Feb 2021 13:42:42 -0800
Message-Id: <20210212214244.74995-3-inga.stotland@intel.com>
X-Mailer: git-send-email 2.26.2
In-Reply-To: <20210212214244.74995-1-inga.stotland@intel.com>
References: <20210212214244.74995-1-inga.stotland@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-bluetooth.vger.kernel.org>
X-Mailing-List: linux-bluetooth@vger.kernel.org

Validate that the value of Device UUID supplied in
CreateNetwork/Join/Import methods is compliant with RFC 4122.
---
 Makefile.am |  6 ++++--
 mesh/mesh.c | 18 +++++++++---------
 2 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index d0f979586..86f3409c3 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -134,7 +134,8 @@ ell_headers = ell/util.h \
 			ell/base64.h \
 			ell/asn1-private.h \
 			ell/cert-private.h \
-			ell/pem-private.h
+			ell/pem-private.h \
+			ell/uuid.h
 
 ell_sources = ell/private.h ell/missing.h \
 			ell/util.c \
@@ -169,7 +170,8 @@ ell_sources = ell/private.h ell/missing.h \
 			ell/gvariant-private.h \
 			ell/gvariant-util.c \
 			ell/siphash-private.h \
-			ell/siphash.c
+			ell/siphash.c \
+			ell/uuid.c
 
 ell_libell_internal_la_SOURCES = $(ell_headers) $(ell_sources)
 endif
diff --git a/mesh/mesh.c b/mesh/mesh.c
index f29e8b6be..62d650328 100644
--- a/mesh/mesh.c
+++ b/mesh/mesh.c
@@ -533,7 +533,7 @@ static struct l_dbus_message *join_network_call(struct l_dbus *dbus,
 						void *user_data)
 {
 	const char *app_path, *sender;
-	struct l_dbus_message_iter iter_uuid;
+	struct l_dbus_message_iter iter;
 	uint32_t n;
 
 	l_debug("Join network request");
@@ -543,14 +543,13 @@ static struct l_dbus_message *join_network_call(struct l_dbus *dbus,
 						"Provisioning in progress");
 
 	if (!l_dbus_message_get_arguments(msg, "oay", &app_path,
-								&iter_uuid))
+								&iter))
 		return dbus_error(msg, MESH_ERROR_INVALID_ARGS, NULL);
 
 	join_pending = l_new(struct join_data, 1);
 
-	if (!l_dbus_message_iter_get_fixed_array(&iter_uuid,
-						&join_pending->uuid, &n)
-								|| n != 16) {
+	if (!l_dbus_message_iter_get_fixed_array(&iter, &join_pending->uuid, &n)
+			|| n != 16 || !l_uuid_is_valid(join_pending->uuid)) {
 		l_free(join_pending);
 		join_pending = NULL;
 		return dbus_error(msg, MESH_ERROR_INVALID_ARGS,
@@ -785,8 +784,8 @@ static struct l_dbus_message *create_network_call(struct l_dbus *dbus,
 								&iter_uuid))
 		return dbus_error(msg, MESH_ERROR_INVALID_ARGS, NULL);
 
-	if (!l_dbus_message_iter_get_fixed_array(&iter_uuid, &uuid, &n)
-								|| n != 16)
+	if (!l_dbus_message_iter_get_fixed_array(&iter_uuid, &uuid, &n) ||
+					n != 16 || !l_uuid_is_valid(uuid))
 		return dbus_error(msg, MESH_ERROR_INVALID_ARGS,
 							"Bad device UUID");
 
@@ -835,8 +834,9 @@ static struct l_dbus_message *import_call(struct l_dbus *dbus,
 		return dbus_error(msg, MESH_ERROR_INVALID_ARGS, NULL);
 
 	if (!l_dbus_message_iter_get_fixed_array(&iter_uuid, &uuid, &n) ||
-									n != 16)
-		return dbus_error(msg, MESH_ERROR_INVALID_ARGS, "Bad dev UUID");
+					n != 16 || !l_uuid_is_valid(uuid))
+		return dbus_error(msg, MESH_ERROR_INVALID_ARGS,
+							"Bad device UUID");
 
 	if (node_find_by_uuid(uuid))
 		return dbus_error(msg, MESH_ERROR_ALREADY_EXISTS,
-- 
2.26.2