detect/dataset: check context_key validity

As context_key is an user entry and as it is used to build the JSON
string of alert, we could end up with an invalid event if the string
contains improper characters.

diff --git a/src/detect-dataset.c b/src/detect-dataset.c
index 2812ec8532f7bc302e99e9d1b7b3d4920cdd41c4..d68c804cf6a73cad05f8d7d795000b2d9224e32d 100644 (file)
--- a/src/detect-dataset.c
+++ b/src/detect-dataset.c
@@ -288,6 +288,13 @@ static int DetectDatasetParse(const char *str, char *cmd, int cmd_len, char *nam
                 }
                 strlcpy(array_key, val, array_key_size);
             } else if (strcmp(key, "context_key") == 0) {
+                for (size_t i = 0; i < strlen(val); i++) {
+                    if (!isalnum(val[i]) && val[i] != '_') {
+                        SCLogError("context_key can only contain alphanumeric characters and "
+                                   "underscores");
+                        return -1;
+                    }
+                }
                 if (strlen(val) > enrichment_key_size) {
                     SCLogError("'key' value too long (limit is %zu)", enrichment_key_size);
                     return -1;