From adbfd41981486c1a078fb2d09b145580b996f848 Mon Sep 17 00:00:00 2001
From: scottmk
Date: Fri, 13 Mar 2009 04:00:33 +0000
Subject: [PATCH] Tightened the input validation in searchWHERE(). It now complains about an empty JSON object or empty JSON array, instead of constructing a doomed WHERE clause.
git-svn-id: svn://svn.open-ils.org/ILS/trunk@12508 dcc99617-32d9-48b4-a31d-7c20da2025e4
---
 Open-ILS/src/c-apps/oils_cstore.c | 40 ++++++++++++++++++++++++++++++---------
 1 file changed, 31 insertions(+), 9 deletions(-)
diff --git a/Open-ILS/src/c-apps/oils_cstore.c b/Open-ILS/src/c-apps/oils_cstore.c
index 9c84d10662..a21b830abc 100644
--- a/Open-ILS/src/c-apps/oils_cstore.c
+++ b/Open-ILS/src/c-apps/oils_cstore.c
@@ -2293,11 +2293,22 @@ static char* searchWHERE ( const jsonObject* search_hash, osrfHash* meta, int op
 jsonObject* node = NULL;
- int first = 1;
- if ( search_hash->type == JSON_ARRAY ) {
- osrfLogDebug(OSRF_LOG_MARK, "%s: In WHERE clause, condition type is JSON_ARRAY", MODULENAME);
- jsonIterator* search_itr = jsonNewIterator( search_hash );
- while ( (node = jsonIteratorNext( search_itr )) ) {
+ int first = 1;
+ if ( search_hash->type == JSON_ARRAY ) {
+ osrfLogDebug(OSRF_LOG_MARK, "%s: In WHERE clause, condition type is JSON_ARRAY", MODULENAME);
+ jsonIterator* search_itr = jsonNewIterator( search_hash );
+ if( !jsonIteratorHasNext( search_itr ) ) {
+ osrfLogError(
+ OSRF_LOG_MARK,
+ "%s: Invalid predicate structure: empty JSON array",
+ MODULENAME
+ );
+ jsonIteratorFree( search_itr );
+ buffer_free( sql_buf );
+ return NULL;
+ }
+
+ while ( (node = jsonIteratorNext( search_itr )) ) {
 if (first) {
 first = 0;
 } else {
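Review bot: The new early `return NULL;` for an empty array (and the identical one for an empty object in the second hunk) makes NULL a reachable result for nested predicates as well, and nothing visible here shows that callers test for it. The loop body lies outside this hunk; if it recurses into searchWHERE and formats the result unchecked, or if a top-level caller treats NULL as "no conditions" and runs the statement without a WHERE clause, an empty `{}` or `[]` filter would either dereference NULL or widen the query to every row. I would state the contract above the function, e.g. `/* Returns NULL on an invalid predicate; callers must abort the query, never run it unfiltered. */`, and confirm each call site honours it.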
@@ -2311,10 +2322,21 @@ static char* searchWHERE ( const jsonObject* search_hash, osrfHash* meta, int op
 }
 jsonIteratorFree(search_itr);
- } else if ( search_hash->type == JSON_HASH ) {
- osrfLogDebug(OSRF_LOG_MARK, "%s: In WHERE clause, condition type is JSON_HASH", MODULENAME);
- jsonIterator* search_itr = jsonNewIterator( search_hash );
- while ( (node = jsonIteratorNext( search_itr )) ) {
+ } else if ( search_hash->type == JSON_HASH ) {
+ osrfLogDebug(OSRF_LOG_MARK, "%s: In WHERE clause, condition type is JSON_HASH", MODULENAME);
+ jsonIterator* search_itr = jsonNewIterator( search_hash );
+ if( !jsonIteratorHasNext( search_itr ) ) {
+ osrfLogError(
+ OSRF_LOG_MARK,
+ "%s: Invalid predicate structure: empty JSON object",
+ MODULENAME
+ );
+ jsonIteratorFree( search_itr );
+ buffer_free( sql_buf );
+ return NULL;
+ }
+
+ while ( (node = jsonIteratorNext( search_itr )) ) {
 if (first) {
 first = 0;
-- 
2.11.0
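Review bot: The empty-object guard here is a line-for-line copy of the empty-array guard in the first hunk, differing only in one word of the log message, so the two cleanup sequences can drift apart on a later edit and leave one path leaking the iterator or `sql_buf`. A small static helper that takes the iterator, `sql_buf` and the noun for the message, and does the `osrfLogError`, `jsonIteratorFree` and `buffer_free` calls in one place, would reduce each branch to a single `if` followed by `return NULL;`. The JSON_HASH branch continues past the end of the hunk, so the rest of its loop is not visible here.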