1 /* -*- mode: C; c-file-style: "gnu" -*- */
2 /* dbus-marshal-header.c Managing marshaling/demarshaling of message headers
4 * Copyright (C) 2005 Red Hat, Inc.
6 * Licensed under the Academic Free License version 2.1
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 #include "dbus-marshal-header.h"
25 #include "dbus-marshal-recursive.h"
28 * @addtogroup DBusMarshal
34 /* Not thread locked, but strictly const/read-only so should be OK
36 /** Static #DBusString containing the signature of a message header */
37 _DBUS_STRING_DEFINE_STATIC(_dbus_header_signature_str, DBUS_HEADER_SIGNATURE);
38 /** Static #DBusString containing the local interface */
39 _DBUS_STRING_DEFINE_STATIC(_dbus_local_interface_str, DBUS_INTERFACE_ORG_FREEDESKTOP_LOCAL);
40 /** Static #DBusString containing the local path */
41 _DBUS_STRING_DEFINE_STATIC(_dbus_local_path_str, DBUS_PATH_ORG_FREEDESKTOP_LOCAL);
43 /** Offset from start of _dbus_header_signature_str to the signature of the fields array */
44 #define FIELDS_ARRAY_SIGNATURE_OFFSET 6
45 /** Offset from start of _dbus_header_signature_str to the signature of an element of the fields array */
46 #define FIELDS_ARRAY_ELEMENT_SIGNATURE_OFFSET 7
49 /** Offset to byte order from start of header */
50 #define BYTE_ORDER_OFFSET 0
51 /** Offset to type from start of header */
53 /** Offset to flags from start of header */
54 #define FLAGS_OFFSET 2
55 /** Offset to version from start of header */
56 #define VERSION_OFFSET 3
57 /** Offset to body length from start of header */
58 #define BODY_LENGTH_OFFSET 4
59 /** Offset to client serial from start of header */
60 #define SERIAL_OFFSET 8
61 /** Offset to fields array length from start of header */
62 #define FIELDS_ARRAY_LENGTH_OFFSET 12
63 /** Offset to first field in header */
64 #define FIRST_FIELD_OFFSET 16
72 static const HeaderFieldType
73 _dbus_header_field_types[DBUS_HEADER_FIELD_LAST+1] = {
74 { DBUS_HEADER_FIELD_INVALID, DBUS_TYPE_INVALID },
75 { DBUS_HEADER_FIELD_PATH, DBUS_TYPE_OBJECT_PATH },
76 { DBUS_HEADER_FIELD_INTERFACE, DBUS_TYPE_STRING },
77 { DBUS_HEADER_FIELD_MEMBER, DBUS_TYPE_STRING },
78 { DBUS_HEADER_FIELD_ERROR_NAME, DBUS_TYPE_STRING },
79 { DBUS_HEADER_FIELD_REPLY_SERIAL, DBUS_TYPE_UINT32 },
80 { DBUS_HEADER_FIELD_DESTINATION, DBUS_TYPE_STRING },
81 { DBUS_HEADER_FIELD_SENDER, DBUS_TYPE_STRING },
82 { DBUS_HEADER_FIELD_SIGNATURE, DBUS_TYPE_SIGNATURE }
85 /** Macro to look up the correct type for a field */
86 #define EXPECTED_TYPE_OF_FIELD(field) (_dbus_header_field_types[field].type)
88 /** The most padding we could ever need for a header */
89 #define MAX_POSSIBLE_HEADER_PADDING 7
91 reserve_header_padding (DBusHeader *header)
93 _dbus_assert (header->padding <= MAX_POSSIBLE_HEADER_PADDING);
95 if (!_dbus_string_lengthen (&header->data,
96 MAX_POSSIBLE_HEADER_PADDING - header->padding))
98 header->padding = MAX_POSSIBLE_HEADER_PADDING;
103 correct_header_padding (DBusHeader *header)
107 _dbus_assert (header->padding == 7);
109 _dbus_string_shorten (&header->data, header->padding);
110 unpadded_len = _dbus_string_get_length (&header->data);
112 if (!_dbus_string_align_length (&header->data, 8))
113 _dbus_assert_not_reached ("couldn't pad header though enough padding was preallocated");
115 header->padding = _dbus_string_get_length (&header->data) - unpadded_len;
118 /** Compute the end of the header, ignoring padding */
119 #define HEADER_END_BEFORE_PADDING(header) \
120 (_dbus_string_get_length (&(header)->data) - (header)->padding)
123 * Invalidates all fields in the cache. This may be used when the
124 * cache is totally uninitialized (contains junk) so should not
125 * look at what's in there now.
127 * @param header the header
130 _dbus_header_cache_invalidate_all (DBusHeader *header)
135 while (i <= DBUS_HEADER_FIELD_LAST)
137 header->fields[i].value_pos = _DBUS_HEADER_FIELD_VALUE_UNKNOWN;
145 * @param header the header
146 * @param field_code the field
147 * @param variant_reader the reader for the variant in the field
150 _dbus_header_cache_one (DBusHeader *header,
152 DBusTypeReader *variant_reader)
156 variant_type = _dbus_type_reader_get_current_type (variant_reader);
158 header->fields[field_code].value_pos =
159 _dbus_type_reader_get_value_pos (variant_reader);
162 _dbus_verbose ("cached value_pos %d for field %d\n",
163 header->fields[field_code].value_pos, field_code)
168 * Revalidates the fields cache
170 * @param header the header
173 _dbus_header_cache_revalidate (DBusHeader *header)
175 DBusTypeReader array;
176 DBusTypeReader reader;
180 while (i <= DBUS_HEADER_FIELD_LAST)
182 header->fields[i].value_pos = _DBUS_HEADER_FIELD_VALUE_NONEXISTENT;
186 _dbus_type_reader_init (&reader,
188 &_dbus_header_signature_str,
189 FIELDS_ARRAY_SIGNATURE_OFFSET,
191 FIELDS_ARRAY_LENGTH_OFFSET);
193 _dbus_type_reader_recurse (&reader, &array);
195 while (_dbus_type_reader_get_current_type (&array) != DBUS_TYPE_INVALID)
198 DBusTypeReader variant;
199 unsigned char field_code;
201 _dbus_type_reader_recurse (&array, &sub);
203 _dbus_assert (_dbus_type_reader_get_current_type (&sub) == DBUS_TYPE_BYTE);
204 _dbus_type_reader_read_basic (&sub, &field_code);
206 /* Unknown fields should be ignored */
207 if (field_code > DBUS_HEADER_FIELD_LAST)
210 _dbus_type_reader_next (&sub);
212 _dbus_assert (_dbus_type_reader_get_current_type (&sub) == DBUS_TYPE_VARIANT);
213 _dbus_type_reader_recurse (&sub, &variant);
215 _dbus_header_cache_one (header, field_code, &variant);
218 _dbus_type_reader_next (&array);
223 * Checks for a field, updating the cache if required.
225 * @param header the header
226 * @param field the field to check
227 * @returns #FALSE if the field doesn't exist
230 _dbus_header_cache_check (DBusHeader *header,
233 _dbus_assert (field <= DBUS_HEADER_FIELD_LAST);
235 if (header->fields[field].value_pos == _DBUS_HEADER_FIELD_VALUE_UNKNOWN)
236 _dbus_header_cache_revalidate (header);
238 if (header->fields[field].value_pos == _DBUS_HEADER_FIELD_VALUE_NONEXISTENT)
245 * Checks whether a field is known not to exist. It may exist
246 * even if it's not known to exist.
248 * @param header the header
249 * @param field the field to check
250 * @returns #FALSE if the field definitely doesn't exist
253 _dbus_header_cache_known_nonexistent (DBusHeader *header,
256 _dbus_assert (field <= DBUS_HEADER_FIELD_LAST);
258 return (header->fields[field].value_pos == _DBUS_HEADER_FIELD_VALUE_NONEXISTENT);
262 * Writes a struct of { byte, variant } with the given basic type.
264 * @param writer the writer (should be ready to write a struct)
265 * @param type the type of the value
266 * @param value the value as for _dbus_marshal_set_basic()
267 * @returns #FALSE if no memory
270 write_basic_field (DBusTypeWriter *writer,
276 DBusTypeWriter variant;
279 unsigned char field_byte;
280 DBusString contained_type;
283 start = writer->value_pos;
284 padding = _dbus_string_get_length (writer->value_str) - start;
286 if (!_dbus_type_writer_recurse (writer, DBUS_TYPE_STRUCT,
291 if (!_dbus_type_writer_write_basic (&sub, DBUS_TYPE_BYTE,
297 _dbus_string_init_const_len (&contained_type, buf, 1);
299 if (!_dbus_type_writer_recurse (&sub, DBUS_TYPE_VARIANT,
300 &contained_type, 0, &variant))
303 if (!_dbus_type_writer_write_basic (&variant, type, value))
306 if (!_dbus_type_writer_unrecurse (&sub, &variant))
309 if (!_dbus_type_writer_unrecurse (writer, &sub))
315 _dbus_string_delete (writer->value_str,
317 _dbus_string_get_length (writer->value_str) - start - padding);
322 * Sets a struct of { byte, variant } with the given basic type.
324 * @param reader the reader (should be iterating over the array pointing at the field to set)
325 * @param type the type of the value
326 * @param value the value as for _dbus_marshal_set_basic()
327 * @param realign_root where to realign from
328 * @returns #FALSE if no memory
331 set_basic_field (DBusTypeReader *reader,
335 const DBusTypeReader *realign_root)
338 DBusTypeReader variant;
340 _dbus_type_reader_recurse (reader, &sub);
342 _dbus_assert (_dbus_type_reader_get_current_type (&sub) == DBUS_TYPE_BYTE);
343 #ifndef DBUS_DISABLE_ASSERT
345 unsigned char v_BYTE;
346 _dbus_type_reader_read_basic (&sub, &v_BYTE);
347 _dbus_assert (((int) v_BYTE) == field);
351 if (!_dbus_type_reader_next (&sub))
352 _dbus_assert_not_reached ("no variant field?");
354 _dbus_type_reader_recurse (&sub, &variant);
355 _dbus_assert (_dbus_type_reader_get_current_type (&variant) == type);
357 if (!_dbus_type_reader_set_basic (&variant, value, realign_root))
364 * Gets the type of the message.
366 * @param header the header
370 _dbus_header_get_message_type (DBusHeader *header)
374 type = _dbus_string_get_byte (&header->data, TYPE_OFFSET);
375 _dbus_assert (type != DBUS_MESSAGE_TYPE_INVALID);
381 * Sets the serial number of a header. This can only be done once on
384 * @param header the header
385 * @param serial the serial
388 _dbus_header_set_serial (DBusHeader *header,
389 dbus_uint32_t serial)
391 /* we use this function to set the serial on outgoing
392 * messages, and to reset the serial in dbus_message_copy;
393 * this assertion should catch a double-set on outgoing.
395 _dbus_assert (_dbus_header_get_serial (header) == 0 ||
398 _dbus_marshal_set_uint32 (&header->data,
405 * See dbus_message_get_serial()
407 * @param header the header
408 * @returns the client serial
411 _dbus_header_get_serial (DBusHeader *header)
413 return _dbus_marshal_read_uint32 (&header->data,
420 * Re-initializes a header that was previously initialized and never
421 * freed. After this, to make the header valid you have to call
422 * _dbus_header_create().
424 * @param header header to re-initialize
425 * @param byte_order byte order of the header
428 _dbus_header_reinit (DBusHeader *header,
431 _dbus_string_set_length (&header->data, 0);
433 header->byte_order = byte_order;
436 _dbus_header_cache_invalidate_all (header);
440 * Initializes a header, but doesn't prepare it for use;
441 * to make the header valid, you have to call _dbus_header_create().
443 * @param header header to initialize
444 * @param byte_order byte order of the header
445 * @returns #FALSE if not enough memory
448 _dbus_header_init (DBusHeader *header,
451 if (!_dbus_string_init_preallocated (&header->data, 32))
454 _dbus_header_reinit (header, byte_order);
462 * @param header the header
465 _dbus_header_free (DBusHeader *header)
467 _dbus_string_free (&header->data);
471 * Initializes dest with a copy of the given header.
472 * Resets the message serial to 0 on the copy.
474 * @param header header to copy
475 * @param dest destination for copy
476 * @returns #FALSE if not enough memory
479 _dbus_header_copy (const DBusHeader *header,
484 if (!_dbus_string_init_preallocated (&dest->data,
485 _dbus_string_get_length (&header->data)))
488 if (!_dbus_string_copy (&header->data, 0, &dest->data, 0))
490 _dbus_string_free (&dest->data);
494 /* Reset the serial */
495 _dbus_header_set_serial (dest, 0);
501 * Fills in the primary fields of the header, so the header is ready
502 * for use. #NULL may be specified for some or all of the fields to
503 * avoid adding those fields. Some combinations of fields don't make
504 * sense, and passing them in will trigger an assertion failure.
506 * @param header the header
507 * @param message_type the message type
508 * @param destination destination field or #NULL
509 * @param path path field or #NULL
510 * @param interface interface field or #NULL
511 * @param member member field or #NULL
512 * @param error_name error name or #NULL
513 * @returns #FALSE if not enough memory
516 _dbus_header_create (DBusHeader *header,
518 const char *destination,
520 const char *interface,
522 const char *error_name)
524 unsigned char v_BYTE;
525 dbus_uint32_t v_UINT32;
526 DBusTypeWriter writer;
527 DBusTypeWriter array;
529 _dbus_assert ((interface && member) ||
531 !(interface || member || error_name));
532 _dbus_assert (_dbus_string_get_length (&header->data) == 0);
534 if (!reserve_header_padding (header))
537 _dbus_type_writer_init_values_only (&writer, header->byte_order,
538 &_dbus_header_signature_str, 0,
540 HEADER_END_BEFORE_PADDING (header));
542 v_BYTE = header->byte_order;
543 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_BYTE,
547 v_BYTE = message_type;
548 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_BYTE,
552 v_BYTE = 0; /* flags */
553 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_BYTE,
557 v_BYTE = DBUS_MAJOR_PROTOCOL_VERSION;
558 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_BYTE,
562 v_UINT32 = 0; /* body length */
563 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_UINT32,
567 v_UINT32 = 0; /* serial */
568 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_UINT32,
572 if (!_dbus_type_writer_recurse (&writer, DBUS_TYPE_ARRAY,
573 &_dbus_header_signature_str,
574 FIELDS_ARRAY_SIGNATURE_OFFSET,
578 /* Marshal all the fields (Marshall Fields?) */
582 if (!write_basic_field (&array,
583 DBUS_HEADER_FIELD_PATH,
584 DBUS_TYPE_OBJECT_PATH,
589 if (destination != NULL)
591 if (!write_basic_field (&array,
592 DBUS_HEADER_FIELD_DESTINATION,
598 if (interface != NULL)
600 if (!write_basic_field (&array,
601 DBUS_HEADER_FIELD_INTERFACE,
609 if (!write_basic_field (&array,
610 DBUS_HEADER_FIELD_MEMBER,
616 if (error_name != NULL)
618 if (!write_basic_field (&array,
619 DBUS_HEADER_FIELD_ERROR_NAME,
625 if (!_dbus_type_writer_unrecurse (&writer, &array))
628 correct_header_padding (header);
633 _dbus_string_delete (&header->data, 0,
634 _dbus_string_get_length (&header->data) - header->padding);
635 correct_header_padding (header);
641 * Given data long enough to contain the length of the message body
642 * and the fields array, check whether the data is long enough to
643 * contain the entire message (assuming the claimed lengths are
644 * accurate). Also checks that the lengths are in sanity parameters.
646 * @param max_message_length maximum length of a valid message
647 * @param validity return location for why the data is invalid if it is
648 * @param byte_order return location for byte order
649 * @param fields_array_len return location for claimed fields array length
650 * @param header_len return location for claimed header length
651 * @param body_len return location for claimed body length
652 * @param str the data
653 * @param start start of data, 8-aligned
654 * @param len length of data
655 * @returns #TRUE if the data is long enough for the claimed length, and the lengths were valid
658 _dbus_header_have_message_untrusted (int max_message_length,
659 DBusValidity *validity,
661 int *fields_array_len,
664 const DBusString *str,
669 dbus_uint32_t header_len_unsigned;
670 dbus_uint32_t fields_array_len_unsigned;
671 dbus_uint32_t body_len_unsigned;
673 _dbus_assert (start >= 0);
674 _dbus_assert (start < _DBUS_INT_MAX / 2);
675 _dbus_assert (len >= 0);
677 _dbus_assert (start == (int) _DBUS_ALIGN_VALUE (start, 8));
679 *byte_order = _dbus_string_get_byte (str, start + BYTE_ORDER_OFFSET);
681 if (*byte_order != DBUS_LITTLE_ENDIAN && *byte_order != DBUS_BIG_ENDIAN)
683 *validity = DBUS_INVALID_BAD_BYTE_ORDER;
687 _dbus_assert (FIELDS_ARRAY_LENGTH_OFFSET + 4 <= len);
688 fields_array_len_unsigned = _dbus_marshal_read_uint32 (str, start + FIELDS_ARRAY_LENGTH_OFFSET,
691 if (fields_array_len_unsigned > (unsigned) max_message_length)
693 *validity = DBUS_INVALID_INSANE_FIELDS_ARRAY_LENGTH;
697 _dbus_assert (BODY_LENGTH_OFFSET + 4 < len);
698 body_len_unsigned = _dbus_marshal_read_uint32 (str, start + BODY_LENGTH_OFFSET,
701 if (body_len_unsigned > (unsigned) max_message_length)
703 *validity = DBUS_INVALID_INSANE_BODY_LENGTH;
707 header_len_unsigned = FIRST_FIELD_OFFSET + fields_array_len_unsigned;
708 header_len_unsigned = _DBUS_ALIGN_VALUE (header_len_unsigned, 8);
710 /* overflow should be impossible since the lengths aren't allowed to
713 _dbus_assert (max_message_length < _DBUS_INT_MAX / 2);
714 if (body_len_unsigned + header_len_unsigned > (unsigned) max_message_length)
716 *validity = DBUS_INVALID_MESSAGE_TOO_LONG;
720 _dbus_assert (body_len_unsigned < (unsigned) _DBUS_INT_MAX);
721 _dbus_assert (fields_array_len_unsigned < (unsigned) _DBUS_INT_MAX);
722 _dbus_assert (header_len_unsigned < (unsigned) _DBUS_INT_MAX);
724 *body_len = body_len_unsigned;
725 *fields_array_len = fields_array_len_unsigned;
726 *header_len = header_len_unsigned;
728 *validity = DBUS_VALID;
730 _dbus_verbose ("have %d bytes, need body %u + header %u = %u\n",
731 len, body_len_unsigned, header_len_unsigned,
732 body_len_unsigned + header_len_unsigned);
734 return (body_len_unsigned + header_len_unsigned) <= (unsigned) len;
738 check_mandatory_fields (DBusHeader *header)
740 #define REQUIRE_FIELD(name) do { if (header->fields[DBUS_HEADER_FIELD_##name].value_pos < 0) return DBUS_INVALID_MISSING_##name; } while (0)
742 switch (_dbus_header_get_message_type (header))
744 case DBUS_MESSAGE_TYPE_SIGNAL:
745 REQUIRE_FIELD (INTERFACE);
746 /* FALL THRU - signals also require the path and member */
747 case DBUS_MESSAGE_TYPE_METHOD_CALL:
748 REQUIRE_FIELD (PATH);
749 REQUIRE_FIELD (MEMBER);
751 case DBUS_MESSAGE_TYPE_ERROR:
752 REQUIRE_FIELD (ERROR_NAME);
753 REQUIRE_FIELD (REPLY_SERIAL);
755 case DBUS_MESSAGE_TYPE_METHOD_RETURN:
756 REQUIRE_FIELD (REPLY_SERIAL);
759 /* other message types allowed but ignored */
767 load_and_validate_field (DBusHeader *header,
769 DBusTypeReader *variant_reader)
773 const DBusString *value_str;
775 dbus_uint32_t v_UINT32;
777 dbus_bool_t (* string_validation_func) (const DBusString *str,
780 /* Supposed to have been checked already */
781 _dbus_assert (field <= DBUS_HEADER_FIELD_LAST);
782 _dbus_assert (field != DBUS_HEADER_FIELD_INVALID);
784 /* Before we can cache a field, we need to know it has the right type */
785 type = _dbus_type_reader_get_current_type (variant_reader);
787 _dbus_assert (_dbus_header_field_types[field].code == field);
789 expected_type = EXPECTED_TYPE_OF_FIELD (field);
790 if (type != expected_type)
792 _dbus_verbose ("Field %d should have type %d but has %d\n",
793 field, expected_type, type);
794 return DBUS_INVALID_HEADER_FIELD_HAS_WRONG_TYPE;
797 /* If the field was provided twice, we aren't happy */
798 if (header->fields[field].value_pos >= 0)
800 _dbus_verbose ("Header field %d seen a second time\n", field);
801 return DBUS_INVALID_HEADER_FIELD_APPEARS_TWICE;
804 /* Now we can cache and look at the field content */
805 _dbus_verbose ("initially caching field %d\n", field);
806 _dbus_header_cache_one (header, field, variant_reader);
808 string_validation_func = NULL;
810 /* make compiler happy that all this is initialized */
814 bad_string_code = DBUS_VALID;
816 if (expected_type == DBUS_TYPE_UINT32)
818 _dbus_header_get_field_basic (header, field, expected_type,
821 else if (expected_type == DBUS_TYPE_STRING ||
822 expected_type == DBUS_TYPE_OBJECT_PATH ||
823 expected_type == DBUS_TYPE_SIGNATURE)
825 _dbus_header_get_field_raw (header, field,
826 &value_str, &value_pos);
830 _dbus_assert_not_reached ("none of the known fields should have this type");
835 case DBUS_HEADER_FIELD_DESTINATION:
836 string_validation_func = _dbus_validate_bus_name;
837 bad_string_code = DBUS_INVALID_BAD_DESTINATION;
839 case DBUS_HEADER_FIELD_INTERFACE:
840 string_validation_func = _dbus_validate_interface;
841 bad_string_code = DBUS_INVALID_BAD_INTERFACE;
843 if (_dbus_string_equal_substring (&_dbus_local_interface_str,
845 _dbus_string_get_length (&_dbus_local_interface_str),
846 value_str, value_pos))
848 _dbus_verbose ("Message is on the local interface\n");
849 return DBUS_INVALID_USES_LOCAL_INTERFACE;
853 case DBUS_HEADER_FIELD_MEMBER:
854 string_validation_func = _dbus_validate_member;
855 bad_string_code = DBUS_INVALID_BAD_MEMBER;
858 case DBUS_HEADER_FIELD_ERROR_NAME:
859 string_validation_func = _dbus_validate_error_name;
860 bad_string_code = DBUS_INVALID_BAD_ERROR_NAME;
863 case DBUS_HEADER_FIELD_SENDER:
864 string_validation_func = _dbus_validate_bus_name;
865 bad_string_code = DBUS_INVALID_BAD_SENDER;
868 case DBUS_HEADER_FIELD_PATH:
869 /* OBJECT_PATH was validated generically due to its type */
870 string_validation_func = NULL;
872 _dbus_verbose ("value_str %p value_pos %d value_str_len %d\n",
873 value_str, value_pos,
874 _dbus_string_get_length (value_str));
875 if (_dbus_string_equal_substring (&_dbus_local_path_str,
877 _dbus_string_get_length (&_dbus_local_path_str),
878 value_str, value_pos))
880 _dbus_verbose ("Message is from the local path\n");
881 return DBUS_INVALID_USES_LOCAL_PATH;
885 case DBUS_HEADER_FIELD_REPLY_SERIAL:
889 return DBUS_INVALID_BAD_SERIAL;
893 case DBUS_HEADER_FIELD_SIGNATURE:
894 /* SIGNATURE validated generically due to its type */
895 string_validation_func = NULL;
899 _dbus_assert_not_reached ("unknown field shouldn't be seen here");
903 if (string_validation_func)
907 _dbus_assert (bad_string_code != DBUS_VALID);
909 len = _dbus_marshal_read_uint32 (value_str, value_pos,
910 header->byte_order, NULL);
912 if (!(*string_validation_func) (value_str, value_pos + 4, len))
913 return bad_string_code;
920 * Creates a message header from potentially-untrusted data. The
921 * return value is #TRUE if there was enough memory and the data was
922 * valid. If it returns #TRUE, the header will be created. If it
923 * returns #FALSE and *validity == #DBUS_VALID, then there wasn't
924 * enough memory. If it returns #FALSE and *validity != #DBUS_VALID
925 * then the data was invalid.
927 * The byte_order, fields_array_len, and body_len args should be from
928 * _dbus_header_have_message_untrusted(). Validation performed in
929 * _dbus_header_have_message_untrusted() is assumed to have been
932 * @param header the header (must be initialized)
933 * @param mode whether to do validation
934 * @param validity return location for invalidity reason
935 * @param byte_order byte order from header
936 * @param fields_array_len claimed length of fields array
937 * @param body_len claimed length of body
938 * @param header_len claimed length of header
939 * @param str a string
940 * @param start start of header, 8-aligned
941 * @param len length of string to look at
942 * @returns #FALSE if no memory or data was invalid, #TRUE otherwise
945 _dbus_header_load (DBusHeader *header,
946 DBusValidationMode mode,
947 DBusValidity *validity,
949 int fields_array_len,
952 const DBusString *str,
958 DBusTypeReader reader;
959 DBusTypeReader array_reader;
960 unsigned char v_byte;
961 dbus_uint32_t v_uint32;
962 dbus_uint32_t serial;
967 _dbus_assert (start == (int) _DBUS_ALIGN_VALUE (start, 8));
968 _dbus_assert (header_len <= len);
969 _dbus_assert (_dbus_string_get_length (&header->data) == 0);
971 if (!_dbus_string_copy_len (str, start, header_len, &header->data, 0))
973 _dbus_verbose ("Failed to copy buffer into new header\n");
974 *validity = DBUS_VALID;
978 if (mode == DBUS_VALIDATION_MODE_WE_TRUST_THIS_DATA_ABSOLUTELY)
980 leftover = len - header_len - body_len - start;
984 v = _dbus_validate_body_with_reason (&_dbus_header_signature_str, 0,
996 _dbus_assert (leftover < len);
998 padding_len = header_len - (FIRST_FIELD_OFFSET + fields_array_len);
999 padding_start = start + FIRST_FIELD_OFFSET + fields_array_len;
1000 _dbus_assert (start + header_len == (int) _DBUS_ALIGN_VALUE (padding_start, 8));
1001 _dbus_assert (start + header_len == padding_start + padding_len);
1003 if (mode != DBUS_VALIDATION_MODE_WE_TRUST_THIS_DATA_ABSOLUTELY)
1005 if (!_dbus_string_validate_nul (str, padding_start, padding_len))
1007 *validity = DBUS_INVALID_ALIGNMENT_PADDING_NOT_NUL;
1012 header->padding = padding_len;
1014 if (mode == DBUS_VALIDATION_MODE_WE_TRUST_THIS_DATA_ABSOLUTELY)
1016 *validity = DBUS_VALID;
1020 /* We now know the data is well-formed, but we have to check that
1024 _dbus_type_reader_init (&reader,
1026 &_dbus_header_signature_str, 0,
1030 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_BYTE);
1031 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == BYTE_ORDER_OFFSET);
1032 _dbus_type_reader_read_basic (&reader, &v_byte);
1033 _dbus_type_reader_next (&reader);
1035 _dbus_assert (v_byte == byte_order);
1038 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_BYTE);
1039 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == TYPE_OFFSET);
1040 _dbus_type_reader_read_basic (&reader, &v_byte);
1041 _dbus_type_reader_next (&reader);
1043 /* unknown message types are supposed to be ignored, so only validation here is
1044 * that it isn't invalid
1046 if (v_byte == DBUS_MESSAGE_TYPE_INVALID)
1048 *validity = DBUS_INVALID_BAD_MESSAGE_TYPE;
1053 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_BYTE);
1054 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == FLAGS_OFFSET);
1055 _dbus_type_reader_read_basic (&reader, &v_byte);
1056 _dbus_type_reader_next (&reader);
1058 /* unknown flags should be ignored */
1060 /* PROTOCOL VERSION */
1061 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_BYTE);
1062 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == VERSION_OFFSET);
1063 _dbus_type_reader_read_basic (&reader, &v_byte);
1064 _dbus_type_reader_next (&reader);
1066 if (v_byte != DBUS_MAJOR_PROTOCOL_VERSION)
1068 *validity = DBUS_INVALID_BAD_PROTOCOL_VERSION;
1073 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_UINT32);
1074 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == BODY_LENGTH_OFFSET);
1075 _dbus_type_reader_read_basic (&reader, &v_uint32);
1076 _dbus_type_reader_next (&reader);
1078 _dbus_assert (body_len == (signed) v_uint32);
1081 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_UINT32);
1082 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == SERIAL_OFFSET);
1083 _dbus_type_reader_read_basic (&reader, &serial);
1084 _dbus_type_reader_next (&reader);
1088 *validity = DBUS_INVALID_BAD_SERIAL;
1092 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_ARRAY);
1093 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == FIELDS_ARRAY_LENGTH_OFFSET);
1095 _dbus_type_reader_recurse (&reader, &array_reader);
1096 while (_dbus_type_reader_get_current_type (&array_reader) != DBUS_TYPE_INVALID)
1098 DBusTypeReader struct_reader;
1099 DBusTypeReader variant_reader;
1100 unsigned char field_code;
1102 _dbus_assert (_dbus_type_reader_get_current_type (&array_reader) == DBUS_TYPE_STRUCT);
1104 _dbus_type_reader_recurse (&array_reader, &struct_reader);
1106 _dbus_assert (_dbus_type_reader_get_current_type (&struct_reader) == DBUS_TYPE_BYTE);
1107 _dbus_type_reader_read_basic (&struct_reader, &field_code);
1108 _dbus_type_reader_next (&struct_reader);
1110 if (field_code == DBUS_HEADER_FIELD_INVALID)
1112 _dbus_verbose ("invalid header field code\n");
1113 *validity = DBUS_INVALID_HEADER_FIELD_CODE;
1117 if (field_code > DBUS_HEADER_FIELD_LAST)
1119 _dbus_verbose ("unknown header field code %d, skipping\n",
1124 _dbus_assert (_dbus_type_reader_get_current_type (&struct_reader) == DBUS_TYPE_VARIANT);
1125 _dbus_type_reader_recurse (&struct_reader, &variant_reader);
1127 v = load_and_validate_field (header, field_code, &variant_reader);
1128 if (v != DBUS_VALID)
1130 _dbus_verbose ("Field %d was invalid\n", field_code);
1136 _dbus_type_reader_next (&array_reader);
1139 /* Anything we didn't fill in is now known not to exist */
1141 while (i <= DBUS_HEADER_FIELD_LAST)
1143 if (header->fields[i].value_pos == _DBUS_HEADER_FIELD_VALUE_UNKNOWN)
1144 header->fields[i].value_pos = _DBUS_HEADER_FIELD_VALUE_NONEXISTENT;
1148 v = check_mandatory_fields (header);
1149 if (v != DBUS_VALID)
1151 _dbus_verbose ("Mandatory fields were missing, code %d\n", v);
1156 *validity = DBUS_VALID;
1160 _dbus_string_set_length (&header->data, 0);
1165 * Fills in the correct body length.
1167 * @param header the header
1168 * @param body_len the length of the body
1171 _dbus_header_update_lengths (DBusHeader *header,
1174 _dbus_marshal_set_uint32 (&header->data,
1177 header->byte_order);
1181 find_field_for_modification (DBusHeader *header,
1183 DBusTypeReader *reader,
1184 DBusTypeReader *realign_root)
1190 _dbus_type_reader_init (realign_root,
1192 &_dbus_header_signature_str,
1193 FIELDS_ARRAY_SIGNATURE_OFFSET,
1195 FIELDS_ARRAY_LENGTH_OFFSET);
1197 _dbus_type_reader_recurse (realign_root, reader);
1199 while (_dbus_type_reader_get_current_type (reader) != DBUS_TYPE_INVALID)
1202 unsigned char field_code;
1204 _dbus_type_reader_recurse (reader, &sub);
1206 _dbus_assert (_dbus_type_reader_get_current_type (&sub) == DBUS_TYPE_BYTE);
1207 _dbus_type_reader_read_basic (&sub, &field_code);
1209 if (field_code == (unsigned) field)
1211 _dbus_assert (_dbus_type_reader_get_current_type (reader) == DBUS_TYPE_STRUCT);
1216 _dbus_type_reader_next (reader);
1224 * Sets the value of a field with basic type. If the value is a string
1225 * value, it isn't allowed to be #NULL. If the field doesn't exist,
1226 * it will be created.
1228 * @param header the header
1229 * @param field the field to set
1230 * @param type the type of the value
1231 * @param value the value as for _dbus_marshal_set_basic()
1232 * @returns #FALSE if no memory
1235 _dbus_header_set_field_basic (DBusHeader *header,
1240 _dbus_assert (field <= DBUS_HEADER_FIELD_LAST);
1242 if (!reserve_header_padding (header))
1245 /* If the field exists we set, otherwise we append */
1246 if (_dbus_header_cache_check (header, field))
1248 DBusTypeReader reader;
1249 DBusTypeReader realign_root;
1251 if (!find_field_for_modification (header, field,
1252 &reader, &realign_root))
1253 _dbus_assert_not_reached ("field was marked present in cache but wasn't found");
1255 if (!set_basic_field (&reader, field, type, value, &realign_root))
1260 DBusTypeWriter writer;
1261 DBusTypeWriter array;
1263 _dbus_type_writer_init_values_only (&writer,
1265 &_dbus_header_signature_str,
1266 FIELDS_ARRAY_SIGNATURE_OFFSET,
1268 FIELDS_ARRAY_LENGTH_OFFSET);
1270 /* recurse into array without creating a new length, and jump to
1273 if (!_dbus_type_writer_append_array (&writer,
1274 &_dbus_header_signature_str,
1275 FIELDS_ARRAY_ELEMENT_SIGNATURE_OFFSET,
1277 _dbus_assert_not_reached ("recurse into ARRAY should not have used memory");
1279 _dbus_assert (array.u.array.len_pos == FIELDS_ARRAY_LENGTH_OFFSET);
1280 _dbus_assert (array.u.array.start_pos == FIRST_FIELD_OFFSET);
1281 _dbus_assert (array.value_pos == HEADER_END_BEFORE_PADDING (header));
1283 if (!write_basic_field (&array,
1284 field, type, value))
1287 if (!_dbus_type_writer_unrecurse (&writer, &array))
1288 _dbus_assert_not_reached ("unrecurse from ARRAY should not have used memory");
1291 correct_header_padding (header);
1293 /* We could be smarter about this (only invalidate fields after the
1294 * one we modified, or even only if the one we modified changed
1295 * length). But this hack is a start.
1297 _dbus_header_cache_invalidate_all (header);
1303 * Gets the value of a field with basic type. If the field
1304 * doesn't exist, returns #FALSE, otherwise returns #TRUE.
1306 * @param header the header
1307 * @param field the field to get
1308 * @param type the type of the value
1309 * @param value the value as for _dbus_marshal_read_basic()
1310 * @returns #FALSE if the field doesn't exist
1313 _dbus_header_get_field_basic (DBusHeader *header,
1318 _dbus_assert (field != DBUS_HEADER_FIELD_INVALID);
1319 _dbus_assert (field <= DBUS_HEADER_FIELD_LAST);
1320 _dbus_assert (_dbus_header_field_types[field].code == field);
1321 /* in light of this you might ask why the type is passed in;
1322 * the only rationale I can think of is so the caller has
1323 * to specify its expectation and breaks if we change it
1325 _dbus_assert (type == EXPECTED_TYPE_OF_FIELD (field));
1327 if (!_dbus_header_cache_check (header, field))
1330 _dbus_assert (header->fields[field].value_pos >= 0);
1332 _dbus_marshal_read_basic (&header->data,
1333 header->fields[field].value_pos,
1334 type, value, header->byte_order,
1341 * Gets the raw marshaled data for a field. If the field doesn't
1342 * exist, returns #FALSE, otherwise returns #TRUE. Returns the start
1343 * of the marshaled data, i.e. usually the byte where the length
1344 * starts (for strings and arrays) or for basic types just the value
1347 * @param header the header
1348 * @param field the field to get
1349 * @param str return location for the data string
1350 * @param pos return location for start of field value
1351 * @returns #FALSE if the field doesn't exist
1354 _dbus_header_get_field_raw (DBusHeader *header,
1356 const DBusString **str,
1359 if (!_dbus_header_cache_check (header, field))
1363 *str = &header->data;
1365 *pos = header->fields[field].value_pos;
1371 * Deletes a field, if it exists.
1373 * @param header the header
1374 * @param field the field to delete
1375 * @returns #FALSE if no memory
1378 _dbus_header_delete_field (DBusHeader *header,
1381 DBusTypeReader reader;
1382 DBusTypeReader realign_root;
1384 if (_dbus_header_cache_known_nonexistent (header, field))
1385 return TRUE; /* nothing to do */
1387 /* Scan to the field we want, delete and realign, reappend
1388 * padding. Field may turn out not to exist.
1390 if (!find_field_for_modification (header, field,
1391 &reader, &realign_root))
1392 return TRUE; /* nothing to do */
1394 if (!reserve_header_padding (header))
1397 if (!_dbus_type_reader_delete (&reader,
1401 correct_header_padding (header);
1403 _dbus_header_cache_invalidate_all (header);
1405 _dbus_assert (!_dbus_header_cache_check (header, field)); /* Expensive assertion ... */
1411 * Toggles a message flag bit, turning on the bit if value = TRUE and
1412 * flipping it off if value = FALSE.
1414 * @param header the header
1415 * @param flag the message flag to toggle
1416 * @param value toggle on or off
1419 _dbus_header_toggle_flag (DBusHeader *header,
1423 unsigned char *flags_p;
1425 flags_p = _dbus_string_get_data_len (&header->data, FLAGS_OFFSET, 1);
1434 * Gets a message flag bit, returning TRUE if the bit is set.
1436 * @param header the header
1437 * @param flag the message flag to get
1438 * @returns #TRUE if the flag is set
1441 _dbus_header_get_flag (DBusHeader *header,
1444 const unsigned char *flags_p;
1446 flags_p = _dbus_string_get_const_data_len (&header->data, FLAGS_OFFSET, 1);
1448 return (*flags_p & flag) != 0;
1453 #ifdef DBUS_BUILD_TESTS
1454 #include "dbus-test.h"
1458 _dbus_marshal_header_test (void)
1464 #endif /* DBUS_BUILD_TESTS */
projects / platform / upstream / dbus.git / blob