Add a pid controller size limit

Right now there is no limit, so someone could attack the bmc by adding a very large number of controllers. Create a limit so this isn't possible. Tested: Add / Remove functionality still works Change-Id: Ib408293431250d93b0af71616a1668f6a3d0904a Signed-off-by: James Feist <james.feist@linux.intel.com>
author: James Feist <james.feist@linux.intel.com> 2020-02-07 12:23:27 -0800
committer: James Feist <james.feist@linux.intel.com> 2020-02-10 20:23:25 +0000
commit: e69d9de2d9453ff301e727554dc74fa8bc0f8482 (patch)
tree: 05cd0a79fbb9eef301fa8edfc40a58604954c5bc
parent: 6ee7f774bf6393d48c7215e02d6dbf00322bc9f5 (diff)
download: bmcweb-e69d9de2d9453ff301e727554dc74fa8bc0f8482.tar.gz
bmcweb-e69d9de2d9453ff301e727554dc74fa8bc0f8482.zip
1 files changed, 33 insertions, 0 deletions
diff --git a/redfish-core/lib/managers.hpp b/redfish-core/lib/managers.hpp
index 623f8fe..b6d554f 100644
--- a/redfish-core/lib/managers.hpp
+++ b/redfish-core/lib/managers.hpp
@@ -1240,6 +1240,30 @@ struct SetPIDValues : std::enable_shared_from_this<SetPIDValues>
                     messages::internalError(self->asyncResp->res);
                     return;
                 }
+                const std::array<const char*, 3> configurations = {
+                    pidConfigurationIface, pidZoneConfigurationIface,
+                    stepwiseConfigurationIface};
+
+                // erase the paths we don't care about
+                for (auto it = mObj.begin(); it != mObj.end();)
+                {
+                    bool found = false;
+                    for (const auto& [interface, _] : it->second)
+                    {
+                        if (std::find(configurations.begin(),
+                                      configurations.end(),
+                                      interface) != configurations.end())
+                        {
+                            found = true;
+                            it++;
+                            break;
+                        }
+                    }
+                    if (!found)
+                    {
+                        it = mObj.erase(it);
+                    }
+                }
                 self->managedObj = std::move(mObj);
             },
             "xyz.openbmc_project.EntityManager", "/", objectManagerIface,
@@ -1446,6 +1470,15 @@ struct SetPIDValues : std::enable_shared_from_this<SetPIDValues>
                 }
 
                 BMCWEB_LOG_DEBUG << "Create new = " << createNewObject << "\n";
+
+                // arbitrary limit to avoid attacks
+                constexpr const size_t controllerLimit = 500;
+                if (createNewObject && managedObj.size() >= controllerLimit)
+                {
+                    messages::resourceExhaustion(response->res, type);
+                    continue;
+                }
+
                 output["Name"] = boost::replace_all_copy(name, "_", " ");
 
                 std::string chassis;
author	James Feist <james.feist@linux.intel.com>	2020-02-07 12:23:27 -0800
committer	James Feist <james.feist@linux.intel.com>	2020-02-10 20:23:25 +0000
commit	e69d9de2d9453ff301e727554dc74fa8bc0f8482 (patch)
tree	05cd0a79fbb9eef301fa8edfc40a58604954c5bc
parent	6ee7f774bf6393d48c7215e02d6dbf00322bc9f5 (diff)
download	bmcweb-e69d9de2d9453ff301e727554dc74fa8bc0f8482.tar.gz bmcweb-e69d9de2d9453ff301e727554dc74fa8bc0f8482.zip