From 0188e8f61b996fed0ab268f85db30a13c37a1af0 Mon Sep 17 00:00:00 2001 From: Boris Zbarsky Date: Mon, 17 Jul 2023 20:20:00 -0400 Subject: [PATCH] [nrf fromtree] Enforce length constraint for CountryCode in SetRegulatoryConfig. (#27949) We were not checking the length (which must be 2), so would allow 1-char or 0-char values. Also aligns the exact logic with the Location attribute write code and adds some error logging. --- .../basic-information/basic-information.cpp | 6 ++++- .../general-commissioning-server.cpp | 25 ++++++++++++++----- 2 files changed, 24 insertions(+), 7 deletions(-) diff --git a/src/app/clusters/basic-information/basic-information.cpp b/src/app/clusters/basic-information/basic-information.cpp index 57f297f1e1..4b427abe48 100644 --- a/src/app/clusters/basic-information/basic-information.cpp +++ b/src/app/clusters/basic-information/basic-information.cpp @@ -344,7 +344,11 @@ CHIP_ERROR BasicAttrAccess::WriteLocation(AttributeValueDecoder & aDecoder) ReturnErrorOnFailure(aDecoder.Decode(location)); bool isValidLength = location.size() == DeviceLayer::ConfigurationManager::kMaxLocationLength; - VerifyOrReturnError(isValidLength, StatusIB(Protocols::InteractionModel::Status::InvalidValue).ToChipError()); + if (!isValidLength) + { + ChipLogError(Zcl, "Invalid country code: '%.*s'", static_cast(location.size()), location.data()); + return CHIP_IM_GLOBAL_STATUS(ConstraintError); + } return DeviceLayer::ConfigurationMgr().StoreCountryCode(location.data(), location.size()); } diff --git a/src/app/clusters/general-commissioning-server/general-commissioning-server.cpp b/src/app/clusters/general-commissioning-server/general-commissioning-server.cpp index 8e31c4ec72..a364c2615c 100644 --- a/src/app/clusters/general-commissioning-server/general-commissioning-server.cpp +++ b/src/app/clusters/general-commissioning-server/general-commissioning-server.cpp @@ -287,10 +287,21 @@ bool emberAfGeneralCommissioningClusterSetRegulatoryConfigCallback(app::CommandH DeviceControlServer * server = &DeviceLayer::DeviceControlServer::DeviceControlSvr(); Commands::SetRegulatoryConfigResponse::Type response; - if (commandData.newRegulatoryConfig > RegulatoryLocationType::kIndoorOutdoor) + auto & countryCode = commandData.countryCode; + bool isValidLength = countryCode.size() == DeviceLayer::ConfigurationManager::kMaxLocationLength; + if (!isValidLength) { - response.errorCode = CommissioningError::kValueOutsideRange; - response.debugText = commandData.countryCode; + ChipLogError(Zcl, "Invalid country code: '%.*s'", static_cast(countryCode.size()), countryCode.data()); + commandObj->AddStatus(commandPath, Protocols::InteractionModel::Status::ConstraintError); + return true; + } + + if (commandData.newRegulatoryConfig > RegulatoryLocationTypeEnum::kIndoorOutdoor) + { + response.errorCode = CommissioningErrorEnum::kValueOutsideRange; + // TODO: How does using the country code in debug text make sense, if + // the real issue is the newRegulatoryConfig value? + response.debugText = countryCode; } else { @@ -303,12 +314,14 @@ bool emberAfGeneralCommissioningClusterSetRegulatoryConfigCallback(app::CommandH // either the Indoor or Outdoor fixed value in LocationCapability. if ((locationCapability != to_underlying(RegulatoryLocationType::kIndoorOutdoor)) && (location != locationCapability)) { - response.errorCode = CommissioningError::kValueOutsideRange; - response.debugText = commandData.countryCode; + response.errorCode = CommissioningErrorEnum::kValueOutsideRange; + // TODO: How does using the country code in debug text make sense, if + // the real issue is the newRegulatoryConfig value? + response.debugText = countryCode; } else { - CheckSuccess(server->SetRegulatoryConfig(location, commandData.countryCode), Failure); + CheckSuccess(server->SetRegulatoryConfig(location, countryCode), Failure); Breadcrumb::Set(commandPath.mEndpointId, commandData.breadcrumb); response.errorCode = CommissioningError::kOk; }