* [pve-devel] [PATCH common v2] fix #4778: fix boolean type check for json parameters over the api
@ 2023-06-15 12:36 Dominik Csapak
2023-06-15 13:00 ` [pve-devel] applied: " Wolfgang Bumiller
0 siblings, 1 reply; 2+ messages in thread
From: Dominik Csapak @ 2023-06-15 12:36 UTC (permalink / raw)
To: pve-devel
if a real json boolean is sent via the api, $value is a
JSON::PP::Boolean here instead of a string/scalar
so we should validate that too
the $value itself can be used normally in conditions like
----
if ($value) {
----
if the value is stringified, the result is either '1' or '0' so even if
we have some explicit checks like that it should not make a problem
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
change from v1:
* put check inside the 'if ref' condition since that will be
'JSON::PP::Boolean' after decoding
* added more info to commit message
src/PVE/JSONSchema.pm | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/PVE/JSONSchema.pm b/src/PVE/JSONSchema.pm
index 85d47f2..60b02cb 100644
--- a/src/PVE/JSONSchema.pm
+++ b/src/PVE/JSONSchema.pm
@@ -10,6 +10,7 @@ use Devel::Cycle -quiet; # todo: remove?
use PVE::Tools qw(split_list $IPV6RE $IPV4RE);
use PVE::Exception qw(raise);
use HTTP::Status qw(:constants);
+use JSON;
use Net::IP qw(:PROC);
use Data::Dumper;
@@ -1040,6 +1041,9 @@ sub check_type {
return 1;
} else {
if ($vt) {
+ if ($type eq 'boolean' && JSON::is_bool($value)) {
+ return 1;
+ }
add_error($errors, $path, "type check ('$type') failed - got $vt");
return undef;
} else {
--
2.30.2
^ permalink raw reply [flat|nested] 2+ messages in thread
* [pve-devel] applied: [PATCH common v2] fix #4778: fix boolean type check for json parameters over the api
2023-06-15 12:36 [pve-devel] [PATCH common v2] fix #4778: fix boolean type check for json parameters over the api Dominik Csapak
@ 2023-06-15 13:00 ` Wolfgang Bumiller
0 siblings, 0 replies; 2+ messages in thread
From: Wolfgang Bumiller @ 2023-06-15 13:00 UTC (permalink / raw)
To: Dominik Csapak; +Cc: pve-devel
applied, thanks
On Thu, Jun 15, 2023 at 02:36:43PM +0200, Dominik Csapak wrote:
> if a real json boolean is sent via the api, $value is a
> JSON::PP::Boolean here instead of a string/scalar
>
> so we should validate that too
>
> the $value itself can be used normally in conditions like
> ----
> if ($value) {
> ----
>
> if the value is stringified, the result is either '1' or '0' so even if
> we have some explicit checks like that it should not make a problem
I guess that shouldn't be surprising...
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-06-15 13:00 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-06-15 12:36 [pve-devel] [PATCH common v2] fix #4778: fix boolean type check for json parameters over the api Dominik Csapak
2023-06-15 13:00 ` [pve-devel] applied: " Wolfgang Bumiller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal