Check ACL patterns for validity when loading.

Closes #1539. Thanks to Leon Poon.
eclipse · Dec 18, 2019 · b6119bb · b6119bb
1 parent c878918
commit b6119bb
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 0 deletions.
diff --git a/ChangeLog.txt b/ChangeLog.txt
@@ -1,5 +1,6 @@
 Broker:
 - Fix session expiry with very large expiry intervals. Closes #1525.
+- Check ACL patterns for validity when loading. Closes #1539.
 
 1.6.8 - 20191128
 ================

diff --git a/src/security_default.c b/src/security_default.c
@@ -510,6 +510,14 @@ static int aclfile__parse(struct mosquitto_db *db, struct mosquitto__security_op
  }else{
  access = MOSQ_ACL_READ | MOSQ_ACL_WRITE;
  }
+ rc = mosquitto_sub_topic_check(topic);
+ if(rc != MOSQ_ERR_SUCCESS){
+ log__printf(NULL, MOSQ_LOG_ERR, "Error: Invalid ACL topic \"%s\" in acl_file \"%s\".", topic, security_opts->acl_file);
+ mosquitto__free(user);
+ fclose(aclfptr);
+ return rc;
+ }
+
  if(topic_pattern == 0){
  rc = add__acl(security_opts, user, topic, access);
  }else{