From 7189e53284351ec1aa3db62501acd9cbe47091d7 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed, 16 Aug 2023 15:55:30 +0000
Subject: [PATCH] packages: Validate UUIDs when reading from the database

Since we are using the UUID in the filesystem paths, we must make sure
that no malicious content is in the field.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/libpakfire/include/pakfire/util.h |  3 +++
 src/libpakfire/package.c              | 14 ++++++++++++--
 src/libpakfire/util.c                 | 10 ++++++++++
 3 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/src/libpakfire/include/pakfire/util.h b/src/libpakfire/include/pakfire/util.h
index 622fa3d7c..e5d32acd0 100644
--- a/src/libpakfire/include/pakfire/util.h
+++ b/src/libpakfire/include/pakfire/util.h
@@ -88,6 +88,9 @@ int pakfire_rmtree(const char* path, int flags);
 	__pakfire_which(pakfire, path, sizeof(path), what)
 int __pakfire_which(struct pakfire* pakfire, char* path, const size_t length, const char* what);
 
+// UUID Stuff
+
+int pakfire_uuid_is_valid(const char* s);
 char* pakfire_generate_uuid(void);
 
 int pakfire_tty_is_noninteractive(void);
diff --git a/src/libpakfire/package.c b/src/libpakfire/package.c
index a160a7301..af0f2362c 100644
--- a/src/libpakfire/package.c
+++ b/src/libpakfire/package.c
@@ -432,8 +432,6 @@ static int pakfire_package_make_cache_path(struct pakfire_package* pkg) {
 		return 1;
 	}
 
-	// XXX check if the UUID is valid
-
 	return pakfire_cache_path(pkg->pakfire, pkg->cache_path, "%s/%s", uuid, filename);
 }
 
@@ -468,6 +466,13 @@ PAKFIRE_EXPORT const char* pakfire_package_get_string(
 
 		case PAKFIRE_PKG_UUID:
 			ret = solvable_lookup_str(s, SOLVABLE_PKGID);
+
+			// Validate the UUID
+			if (!pakfire_uuid_is_valid(ret)) {
+				errno = EINVAL;
+				return NULL;
+			}
+
 			break;
 
 		case PAKFIRE_PKG_SUMMARY:
@@ -627,6 +632,11 @@ PAKFIRE_EXPORT int pakfire_package_set_string(
 
 		case PAKFIRE_PKG_UUID:
 			id = SOLVABLE_PKGID;
+
+			// Validate the UUID
+			if (!pakfire_uuid_is_valid(value))
+				return -EINVAL;
+
 			break;
 
 		case PAKFIRE_PKG_SUMMARY:
diff --git a/src/libpakfire/util.c b/src/libpakfire/util.c
index bb325a806..2faefe573 100644
--- a/src/libpakfire/util.c
+++ b/src/libpakfire/util.c
@@ -438,6 +438,16 @@ char* pakfire_generate_uuid() {
 	return ret;
 }
 
+int pakfire_uuid_is_valid(const char* s) {
+	uuid_t uuid;
+	int r;
+
+	// Check if we can parse the UUID
+	r = uuid_parse(s, uuid);
+
+	return (r == 0);
+}
+
 int pakfire_tty_is_noninteractive(void) {
 	const int fds[] = {
 		STDIN_FILENO,
-- 
2.39.5