session: disallow destroying the null session

author Jo-Philipp Wich <jow@openwrt.org>

Thu, 12 Sep 2013 08:35:55 +0000 (10:35 +0200)

committer Jo-Philipp Wich <jow@openwrt.org>

Thu, 12 Sep 2013 08:35:55 +0000 (10:35 +0200)
author Jo-Philipp Wich <jow@openwrt.org>
Thu, 12 Sep 2013 08:35:55 +0000 (10:35 +0200)
committer Jo-Philipp Wich <jow@openwrt.org>
Thu, 12 Sep 2013 08:35:55 +0000 (10:35 +0200)
diff --git a/session.c b/session.c

index 5d403f0854dab746eb4e438faf028e3e19c35494..fc5f19b869d93f729282f74a58fbf6c2299deb16 100644 (file)
--- a/session.c
+++ b/session.c
@@ -751,6 +751,9 @@ rpc_handle_destroy(struct ubus_context *ctx, struct ubus_object *obj,
         if (!tb)
                 return UBUS_STATUS_INVALID_ARGUMENT;
  
+       if (!strcmp(blobmsg_get_string(tb), RPC_DEFAULT_SESSION_ID))
+               return UBUS_STATUS_PERMISSION_DENIED;
+
         ses = rpc_session_get(blobmsg_data(tb));
         if (!ses)
                 return UBUS_STATUS_NOT_FOUND;
author	Jo-Philipp Wich <jow@openwrt.org>
	Thu, 12 Sep 2013 08:35:55 +0000 (10:35 +0200)
committer	Jo-Philipp Wich <jow@openwrt.org>
	Thu, 12 Sep 2013 08:35:55 +0000 (10:35 +0200)