From 24389288a8ed1f4c798fd1260cb8f855c3cfed65 Mon Sep 17 00:00:00 2001
From: verybadsoldier
Date: Sat, 4 Apr 2015 21:35:51 +0200
Subject: [PATCH 1/2] added converter: UserCode
---
 FHEM/fhconverter.pm | 65 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)
diff --git a/FHEM/fhconverter.pm b/FHEM/fhconverter.pm
index 229811f..d355468 100644
--- a/FHEM/fhconverter.pm
+++ b/FHEM/fhconverter.pm
@@ -376,5 +376,70 @@ sub RGBCombined(@)
 return undef;
 }
+###############################################################################
+#
+# converts readings using user perl code
+# first argument converts outgoing data (e.g. {$VALUE / 1000.0}
+# second argument converts incoming data (e.g. {$VALUE * 1000.0}
+#
+###############################################################################
+sub UserCode(@)
+{
+ my ($param) = @_;
+ my $cmd = $param->{cmd};
+ my $gad = $param->{gad};
+ my $gadval = $param->{gadval};
+
+ my $device = $param->{device};
+ my $reading = $param->{reading};
+ my $event = $param->{event};
+
+ # we join the arguments to one string because they might have
+ # been split in an inproper way for us
+ my $argsStr = join(",", @{$param->{args}});
+
+ # now we split the args correctly
+ # (we obey commas within perl code)
+ my $regexi= '\s*({.*?})\s*';
+ my $regexo= '^(' . $regexi . ')(,\s*(.*))*$';
+ my @args;
+ while($argsStr =~ /$regexo/) {
+ push(@args, $2);
+
+ $argsStr = defined($4) ? $4 : "";
+ }
+
+ return "error:$gad: converter syntax: wrong paramter count" unless (@args == 1 or @args == 2);
+
+ if ($param->{cmd} eq 'get')
+ {
+ $event = ($reading eq 'state') ? main::Value($device) : main::ReadingsVal($device, $reading, '0');
+ $param->{cmd} = 'send';
+ }
+
+ if ($param->{cmd} eq 'send')
+ {
+ my $VALUE = $event;
+ $param->{gadval} = eval $args[0];
+ $param->{gad} = $gad;
+ $param->{gads} = [];
+ return undef;
+ }
+ elsif ($param->{cmd} eq 'rcv')
+ {
+ return "done" if (@args < 2); # we are read-only if we havent a second arg
+
+ my $VALUE = $gadval;
+ $param->{result} = eval $args[1];
+ $param->{results} = [];
+ return undef;
+ }
+ elsif ($param->{cmd} eq '?')
+ {
+ return 'usage: TBD!!!';
+ }
+ return undef;
+}
+
 1;
From 0de01b155f5bb40e87d09334268c2b2441187bef Mon Sep 17 00:00:00 2001
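Review bot: Neither `eval $args[0]` in the send branch nor `eval $args[1]` in the rcv branch checks `$@`, so a converter expression that fails to compile or dies stores undef in `gadval`/`result` and the sub still returns undef like a successful conversion. I would follow each eval with `return "error:$gad: converter failed: $@" if $@;`, matching the existing `error:$gad:` return. The header comment should also state that both arguments are executed as Perl inside the FHEM process and must therefore come only from the trusted device configuration. In the rcv branch `$VALUE` holds `$param->{gadval}`, presumably the value received from the frontend, which a converter should treat as data and never pass to a nested `eval`.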
From: verybadsoldier
Date: Sun, 5 Apr 2015 15:36:43 +0200
Subject: [PATCH 2/2] UserCodeConverter: escape incoming SV code
---
 FHEM/fhconverter.pm | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/FHEM/fhconverter.pm b/FHEM/fhconverter.pm
index d355468..49144c5 100644
--- a/FHEM/fhconverter.pm
+++ b/FHEM/fhconverter.pm
@@ -4,6 +4,7 @@ package fronthem;
 use strict;
 use warnings;
+use String::Escape;
 ###############################################################################
 #
@@ -429,7 +430,8 @@ sub UserCode(@)
 {
 return "done" if (@args < 2); # we are read-only if we havent a second arg
- my $VALUE = $gadval;
+ # make sure to properly escape untrusted code
+ my $VALUE = String::Escape::quote(String::Escape::backslash($gadval));
 $param->{result} = eval $args[1];
 $param->{results} = [];
 return undef;
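Review bot: Quoting and backslashing `$gadval` before it is assigned to `$VALUE` (second hunk) alters the data the converter receives without hardening the `eval`: the string that is evaluated is `$args[1]`, and `$VALUE` is a lexical the converter reads by name, so the received value is never parsed as Perl. With the wrapped value, a numeric converter such as the documented `{$VALUE * 1000.0}` would most likely see a string that begins with a literal double quote and numify it to 0 with a warning. I would keep `my $VALUE = $gadval;` and replace the new comment with `# $VALUE is untrusted input: the converter reads it as a variable, it must never be interpolated into evaluated code`. Dropping the escape also removes the need for `use String::Escape;` in the first hunk, a non-core module whose absence would stop fhconverter.pm from loading. The rcv branch starts above this hunk.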