From 30df278de3d120224f70ac801fa722ac07cffc79 Mon Sep 17 00:00:00 2001
From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Date: Sun, 6 Apr 2014 11:07:34 +0300
Subject: model: validate list indices

disallow sparse lists
---
 aconf/model/node.lua | 26 +++++++++++++++++++++-----
 1 file changed, 21 insertions(+), 5 deletions(-)

(limited to 'aconf')

diff --git a/aconf/model/node.lua b/aconf/model/node.lua
index 013b1bb..bdf8311 100644
--- a/aconf/model/node.lua
+++ b/aconf/model/node.lua
@@ -351,24 +351,40 @@ function M.List:init(context, params)
 
    mt._save = mt.save
 
+   local function check_index(i, max)
+      if type(i) ~= 'number' or math.floor(i) ~= i or i < 1 or i > max then
+	 raise(mt.path, 'Invalid list index: '..i)
+      end
+   end
+
    function mt.save(k, v)
-      assert(type(k) == 'number')
+      local len = #mt.members()
+
       if v == nil then
+	 check_index(k, len)
 	 mt.check_removable(k)
-	 local len = #mt.members()
 	 while k < len do
 	    tmt._save(k, tmt.load(k + 1, {dereference=false}))
 	    k = k + 1
 	 end
 	 tmt._save(len)
-      else mt._save(k, v) end
+
+      else
+	 check_index(k, len + 1)
+	 mt._save(k, v)
+      end
    end
 
    function mt.insert(v, i)
       assert(v ~= nil)
-      mt.check_permission('create')
+
       local len = #mt.members()
-      if not i then i = len + 1 end
+      local max = len + 1
+      if i then check_index(i, max)
+      else i = max end
+
+      mt.check_permission('create')
+
       for j = len,i,-1 do
 	 tmt._save(j + 1, tmt.load(j, {dereference=false}))
       end
-- 
cgit v1.2.3