Added a couple of sanity checks to SELECT(). Return NULL if

(1) the input jsonObject for the join tree is neither a hash,
nor an array, nor a string; or (2) it's a hash with more than
one element.

git-svn-id: svn://svn.open-ils.org/ILS/trunk@12046 dcc99617-32d9-48b4-a31d-7c20da2025e4

diff --git a/Open-ILS/src/c-apps/oils_cstore.c b/Open-ILS/src/c-apps/oils_cstore.c
index 6f022a7..b8f37c7 100644 (file)
--- a/Open-ILS/src/c-apps/oils_cstore.c
+++ b/Open-ILS/src/c-apps/oils_cstore.c
@@ -2353,9 +2353,15 @@ static char* SELECT (
                
                core_class = strdup( tmp_itr->key );
                join_hash = snode;
+               
+               jsonObject* extra = jsonIteratorNext( tmp_itr );
 
                jsonIteratorFree( tmp_itr );
                snode = NULL;
+               
+               // There shouldn't be more than one entry in join_hash
+               if( extra )
+                       return NULL;    // Malformed join_hash; extra entry
 
        } else if (join_hash->type == JSON_ARRAY) {
         from_function = 1;
@@ -2365,6 +2371,8 @@ static char* SELECT (
                core_class = jsonObjectToSimpleString( join_hash );
                join_hash = NULL;
        }
+       else
+               return NULL;
 
        // punt if we don't know about the core class (and it's not a function)
        if (!from_function && !(core_meta = osrfHashGet( oilsIDL(), core_class ))) {