diff options
Diffstat (limited to 'bmc')
-rw-r--r-- | bmc/buildjson.cpp | 9 | ||||
-rw-r--r-- | bmc/test/firmware_json_unittest.cpp | 62 |
2 files changed, 71 insertions, 0 deletions
diff --git a/bmc/buildjson.cpp b/bmc/buildjson.cpp index 6f9c319..19a08a1 100644 --- a/bmc/buildjson.cpp +++ b/bmc/buildjson.cpp @@ -27,6 +27,7 @@ #include <fstream> #include <nlohmann/json.hpp> #include <phosphor-logging/log.hpp> +#include <regex> #include <sdbusplus/bus.hpp> #include <string> #include <vector> @@ -66,6 +67,14 @@ std::vector<HandlerConfig> buildHandlerFromJson(const nlohmann::json& data) /* at() throws an exception when the key is not present. */ item.at("blob").get_to(output.blobId); + /* name must be: /flash/... */ + if (!std::regex_match(output.blobId, std::regex("^\\/flash\\/.+"))) + { + throw std::runtime_error("Invalid blob name: '" + + output.blobId + + "' must start with /flash/"); + } + /* handler is required. */ const auto& h = item.at("handler"); const std::string handlerType = h.at("type"); diff --git a/bmc/test/firmware_json_unittest.cpp b/bmc/test/firmware_json_unittest.cpp index 66b9db9..bb2585d 100644 --- a/bmc/test/firmware_json_unittest.cpp +++ b/bmc/test/firmware_json_unittest.cpp @@ -301,6 +301,68 @@ TEST(FirmwareJsonTest, TwoConfigsOneInvalidReturnsValid) * TODO: Only allow unique handler blob paths (tested at a higher level). */ +TEST(FirmwareJsonTest, VerifyBlobNameMatches) +{ + /* A perfect configuration except the blob name doesn't start with "/flash/" + */ + auto j2 = R"( + [{ + "blob" : "bmc-image-flash", + "handler" : { + "type" : "file", + "path" : "/run/initramfs/bmc-image" + }, + "actions" : { + "preparation" : { + "type" : "systemd", + "unit" : "phosphor-ipmi-flash-bmc-prepare.target" + }, + "verification" : { + "type" : "fileSystemdVerify", + "unit" : "phosphor-ipmi-flash-bmc-verify.target", + "path" : "/tmp/bmc.verify" + }, + "update" : { + "type" : "reboot" + } + } + }] + )"_json; + + EXPECT_THAT(buildHandlerFromJson(j2), IsEmpty()); +} + +TEST(FirmwareJsonTest, VerifyMinimumBlobNameLength) +{ + /* A perfect configuration except the blob name is effectively zero length. + */ + auto j2 = R"( + [{ + "blob" : "/flash/", + "handler" : { + "type" : "file", + "path" : "/run/initramfs/bmc-image" + }, + "actions" : { + "preparation" : { + "type" : "systemd", + "unit" : "phosphor-ipmi-flash-bmc-prepare.target" + }, + "verification" : { + "type" : "fileSystemdVerify", + "unit" : "phosphor-ipmi-flash-bmc-verify.target", + "path" : "/tmp/bmc.verify" + }, + "update" : { + "type" : "reboot" + } + } + }] + )"_json; + + EXPECT_THAT(buildHandlerFromJson(j2), IsEmpty()); +} + TEST(FirmwareJsonTest, VerifySystemdWithReboot) { auto j2 = R"( |