net: lwm2m: Check access rights on composite operations

Composite operations need to check read/write access
rights as well.

Signed-off-by: Seppo Takalo <seppo.takalo@nordicsemi.no>
This commit is contained in:
Seppo Takalo 2023-10-16 22:56:48 +03:00 committed by Carles Cufí
commit a95bafec74
3 changed files with 13 additions and 3 deletions

View file

@ -3305,6 +3305,16 @@ cleanup:
int do_composite_read_op_for_parsed_list(struct lwm2m_message *msg, uint16_t content_format,
sys_slist_t *path_list)
{
struct lwm2m_obj_path_list *entry;
/* Check access rights */
SYS_SLIST_FOR_EACH_CONTAINER(path_list, entry, node) {
if (entry->path.level > LWM2M_PATH_LEVEL_NONE &&
entry->path.obj_id == LWM2M_OBJECT_SECURITY_ID && !msg->ctx->bootstrap_mode) {
return -EACCES;
}
}
switch (content_format) {
#if defined(CONFIG_LWM2M_RW_SENML_JSON_SUPPORT)

View file

@ -940,10 +940,10 @@ int do_composite_read_op_senml_cbor(struct lwm2m_message *msg)
lwm2m_engine_clear_duplicate_path(&lwm_path_list, &lwm_path_free_list);
return do_composite_read_op_for_parsed_path_senml_cbor(msg, &lwm_path_list);
return do_composite_read_op_for_parsed_list(msg, LWM2M_FORMAT_APP_SENML_CBOR,
&lwm_path_list);
}
int do_write_op_senml_cbor(struct lwm2m_message *msg)
{
uint_fast8_t dret;

View file

@ -1653,7 +1653,7 @@ int do_composite_read_op_senml_json(struct lwm2m_message *msg)
/* Clear path which are part are part of recursive path /1 will include /1/0/1 */
lwm2m_engine_clear_duplicate_path(&path_list, &free_list);
return do_composite_read_op_for_parsed_list_senml_json(msg, &path_list);
return do_composite_read_op_for_parsed_list(msg, LWM2M_FORMAT_APP_SEML_JSON, &path_list);
}
int do_send_op_senml_json(struct lwm2m_message *msg, sys_slist_t *lwm2m_path_list)