From 793e7ee484ae4ec37b1cd920b4032dde3cae69cc Mon Sep 17 00:00:00 2001
From: Daniel Golle <daniel@makrotopia.org>
Date: Sun, 13 Mar 2022 23:48:28 +0000
Subject: [PATCH] auc: don't segfault on invalid URL

Show error message instead of segfaulting in case of an invalid URL
being read from UCI config.

Fixes: #17971
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit c0d2c82528e19a304164dade96e9b019114b8fb0)
---
 utils/auc/src/auc.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/utils/auc/src/auc.c b/utils/auc/src/auc.c
index cd2acc522..65f57bc5f 100644
--- a/utils/auc/src/auc.c
+++ b/utils/auc/src/auc.c
@@ -307,6 +307,7 @@ static int load_config() {
 	struct uci_context *uci_ctx;
 	struct uci_package *uci_attendedsysupgrade;
 	struct uci_section *uci_s;
+	char *url;
 
 	uci_ctx = uci_alloc_context();
 	if (!uci_ctx)
@@ -319,13 +320,23 @@ static int load_config() {
 		fprintf(stderr, "Failed to load attendedsysupgrade config\n");
 		return -1;
 	}
-
 	uci_s = uci_lookup_section(uci_ctx, uci_attendedsysupgrade, "server");
 	if (!uci_s) {
+		fprintf(stderr, "Failed to read server config section\n");
+		return -1;
+	}
+	url = uci_lookup_option_string(uci_ctx, uci_s, "url");
+	if (!url) {
 		fprintf(stderr, "Failed to read server url from config\n");
 		return -1;
 	}
-	serverurl = strdup(uci_lookup_option_string(uci_ctx, uci_s, "url"));
+	if (strncmp(url, "https://", strlen("https://")) &&
+	    strncmp(url, "http://", strlen("http://"))) {
+		fprintf(stderr, "Server url invalid (needs to be http://... or https://...)\n");
+		return -1;
+	}
+
+	serverurl = strdup(url);
 
 	uci_s = uci_lookup_section(uci_ctx, uci_attendedsysupgrade, "client");
 	if (!uci_s) {