From 59c977ddc9e5f7fdaa3a0dc0606ba86af8d7b941 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= <flashcode@flashtux.org>
Date: Sun, 10 Mar 2024 10:16:31 +0100
Subject: [PATCH] relay/api: check that "request" field is a string in JSON
 received (websocket connection)

---
 src/plugins/relay/api/relay-api-protocol.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/plugins/relay/api/relay-api-protocol.c b/src/plugins/relay/api/relay-api-protocol.c
index 83be148c1..0cf6b8055 100644
--- a/src/plugins/relay/api/relay-api-protocol.c
+++ b/src/plugins/relay/api/relay-api-protocol.c
@@ -682,6 +682,9 @@ relay_api_protocol_recv_json (struct t_relay_client *client, const char *json)
     if (!json_request)
         goto error;
 
+    if (!cJSON_IsString (json_request))
+        goto error;
+
     if (!relay_http_parse_method_path (client->http_req,
                                        cJSON_GetStringValue (json_request)))
     {