luci-base: fix handling of large ubus HTTP requests

Properly handle ubus POST requests exceeding the default chunk size
and fix a possible nil dereference when rejecting incoming requests
due to bad JSON message framing.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/modules/luci-base/luasrc/controller/admin/index.lua b/modules/luci-base/luasrc/controller/admin/index.lua
index 259c34eee81b4afd4214252acf8fcb2df1b25f02..9fcfe4a309872295c7d84eae58da54cb01593268 100644 (file)
--- a/modules/luci-base/luasrc/controller/admin/index.lua
+++ b/modules/luci-base/luasrc/controller/admin/index.lua
@@ -161,7 +161,7 @@ local ubus_types = {
 local function ubus_request(req)
        if type(req) ~= "table" or type(req.method) ~= "string" or type(req.params) ~= "table" or
           #req.params < 2 or req.jsonrpc ~= "2.0" or req.id == nil then
-               return ubus_reply(req.id, nil, -32600, "Invalid request")
+               return ubus_reply(nil, nil, -32600, "Invalid request")
 
        elseif req.method == "call" then
                local sid, obj, fun, arg =
@@ -216,7 +216,16 @@ end
 
 function action_ubus()
        local parser = require "luci.jsonc".new()
-       luci.http.context.request:setfilehandler(function(_, s) parser:parse(s or "") end)
+
+       luci.http.context.request:setfilehandler(function(_, s)
+               if not s then
+                       return nil
+               end
+
+               local ok, err = parser:parse(s)
+               return (not err or nil)
+       end)
+
        luci.http.context.request:content()
 
        local json = parser:get()