From dc8932cd953025708111c222d1c898202fbb1276 Mon Sep 17 00:00:00 2001 From: binwiederhier Date: Thu, 1 Jun 2023 14:08:51 -0400 Subject: [PATCH] Fix segault in ntfy pub --- client/client.go | 5 ++++- cmd/app.go | 1 + cmd/publish.go | 4 ++++ cmd/subscribe.go | 4 +++- docs/releases.md | 1 + 5 files changed, 13 insertions(+), 2 deletions(-) diff --git a/client/client.go b/client/client.go index b744fa11..e719e9ef 100644 --- a/client/client.go +++ b/client/client.go @@ -97,7 +97,10 @@ func (c *Client) Publish(topic, message string, options ...PublishOption) (*Mess // WithNoFirebase, and the generic WithHeader. func (c *Client) PublishReader(topic string, body io.Reader, options ...PublishOption) (*Message, error) { topicURL := c.expandTopicURL(topic) - req, _ := http.NewRequest("POST", topicURL, body) + req, err := http.NewRequest("POST", topicURL, body) + if err != nil { + return nil, err + } for _, option := range options { if err := option(req); err != nil { return nil, err diff --git a/cmd/app.go b/cmd/app.go index edef5b47..fd992633 100644 --- a/cmd/app.go +++ b/cmd/app.go @@ -29,6 +29,7 @@ var flagsDefault = []cli.Flag{ var ( logLevelOverrideRegex = regexp.MustCompile(`(?i)^([^=\s]+)(?:\s*=\s*(\S+))?\s*->\s*(TRACE|DEBUG|INFO|WARN|ERROR)$`) + topicRegex = regexp.MustCompile(`^[-_A-Za-z0-9]{1,64}$`) // Same as in server/server.go ) // New creates a new CLI application diff --git a/cmd/publish.go b/cmd/publish.go index 0179f9fa..bce27e0f 100644 --- a/cmd/publish.go +++ b/cmd/publish.go @@ -249,6 +249,10 @@ func parseTopicMessageCommand(c *cli.Context) (topic string, message string, com if c.String("message") != "" { message = c.String("message") } + if !topicRegex.MatchString(topic) { + err = fmt.Errorf("topic %s contains invalid characters", topic) + return + } return } diff --git a/cmd/subscribe.go b/cmd/subscribe.go index 2691e6a1..81f5988c 100644 --- a/cmd/subscribe.go +++ b/cmd/subscribe.go @@ -72,7 +72,7 @@ ntfy subscribe TOPIC COMMAND $NTFY_TITLE $title, $t Message title $NTFY_PRIORITY $priority, $prio, $p Message priority (1=min, 5=max) $NTFY_TAGS $tags, $tag, $ta Message tags (comma separated list) - $NTFY_RAW $raw Raw JSON message + $NTFY_RAW $raw Raw JSON message Examples: ntfy sub mytopic 'notify-send "$m"' # Execute command for incoming messages @@ -108,6 +108,8 @@ func execSubscribe(c *cli.Context) error { // Checks if user != "" && token != "" { return errors.New("cannot set both --user and --token") + } else if !topicRegex.MatchString(topic) { + return fmt.Errorf("topic %s contains invalid characters", topic) } if !fromConfig { diff --git a/docs/releases.md b/docs/releases.md index 6c88dd1d..0e93b677 100644 --- a/docs/releases.md +++ b/docs/releases.md @@ -1226,6 +1226,7 @@ and the [ntfy Android app](https://github.com/binwiederhier/ntfy-android/release * Support encoding any header as RFC 2047 ([#737](https://github.com/binwiederhier/ntfy/issues/737), thanks to [@cfouche3005](https://github.com/cfouche3005) for reporting) * Do not forward poll requests for UnifiedPush messages (no ticket, thanks to NoName for reporting) +* Fix `ntfy pub %` segfaulting ([#760](https://github.com/binwiederhier/ntfy/issues/760), thanks to [@clesmian](https://github.com/clesmian) for reporting) **Maintenance:**