1 /* -*- mode: C; c-file-style: "gnu" -*- */
2 /* dbus-marshal-header.c Managing marshaling/demarshaling of message headers
4 * Copyright (C) 2005 Red Hat, Inc.
6 * Licensed under the Academic Free License version 2.1
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 #include "dbus-marshal-header.h"
25 #include "dbus-marshal-recursive.h"
26 #include "dbus-marshal-byteswap.h"
29 * @addtogroup DBusMarshal
35 /* Not thread locked, but strictly const/read-only so should be OK
37 /** Static #DBusString containing the signature of a message header */
38 _DBUS_STRING_DEFINE_STATIC(_dbus_header_signature_str, DBUS_HEADER_SIGNATURE);
39 /** Static #DBusString containing the local interface */
40 _DBUS_STRING_DEFINE_STATIC(_dbus_local_interface_str, DBUS_INTERFACE_ORG_FREEDESKTOP_LOCAL);
41 /** Static #DBusString containing the local path */
42 _DBUS_STRING_DEFINE_STATIC(_dbus_local_path_str, DBUS_PATH_ORG_FREEDESKTOP_LOCAL);
44 /** Offset from start of _dbus_header_signature_str to the signature of the fields array */
45 #define FIELDS_ARRAY_SIGNATURE_OFFSET 6
46 /** Offset from start of _dbus_header_signature_str to the signature of an element of the fields array */
47 #define FIELDS_ARRAY_ELEMENT_SIGNATURE_OFFSET 7
50 /** Offset to byte order from start of header */
51 #define BYTE_ORDER_OFFSET 0
52 /** Offset to type from start of header */
54 /** Offset to flags from start of header */
55 #define FLAGS_OFFSET 2
56 /** Offset to version from start of header */
57 #define VERSION_OFFSET 3
58 /** Offset to body length from start of header */
59 #define BODY_LENGTH_OFFSET 4
60 /** Offset to client serial from start of header */
61 #define SERIAL_OFFSET 8
62 /** Offset to fields array length from start of header */
63 #define FIELDS_ARRAY_LENGTH_OFFSET 12
64 /** Offset to first field in header */
65 #define FIRST_FIELD_OFFSET 16
73 static const HeaderFieldType
74 _dbus_header_field_types[DBUS_HEADER_FIELD_LAST+1] = {
75 { DBUS_HEADER_FIELD_INVALID, DBUS_TYPE_INVALID },
76 { DBUS_HEADER_FIELD_PATH, DBUS_TYPE_OBJECT_PATH },
77 { DBUS_HEADER_FIELD_INTERFACE, DBUS_TYPE_STRING },
78 { DBUS_HEADER_FIELD_MEMBER, DBUS_TYPE_STRING },
79 { DBUS_HEADER_FIELD_ERROR_NAME, DBUS_TYPE_STRING },
80 { DBUS_HEADER_FIELD_REPLY_SERIAL, DBUS_TYPE_UINT32 },
81 { DBUS_HEADER_FIELD_DESTINATION, DBUS_TYPE_STRING },
82 { DBUS_HEADER_FIELD_SENDER, DBUS_TYPE_STRING },
83 { DBUS_HEADER_FIELD_SIGNATURE, DBUS_TYPE_SIGNATURE }
86 /** Macro to look up the correct type for a field */
87 #define EXPECTED_TYPE_OF_FIELD(field) (_dbus_header_field_types[field].type)
89 /** The most padding we could ever need for a header */
90 #define MAX_POSSIBLE_HEADER_PADDING 7
92 reserve_header_padding (DBusHeader *header)
94 _dbus_assert (header->padding <= MAX_POSSIBLE_HEADER_PADDING);
96 if (!_dbus_string_lengthen (&header->data,
97 MAX_POSSIBLE_HEADER_PADDING - header->padding))
99 header->padding = MAX_POSSIBLE_HEADER_PADDING;
104 correct_header_padding (DBusHeader *header)
108 _dbus_assert (header->padding == 7);
110 _dbus_string_shorten (&header->data, header->padding);
111 unpadded_len = _dbus_string_get_length (&header->data);
113 if (!_dbus_string_align_length (&header->data, 8))
114 _dbus_assert_not_reached ("couldn't pad header though enough padding was preallocated");
116 header->padding = _dbus_string_get_length (&header->data) - unpadded_len;
119 /** Compute the end of the header, ignoring padding */
120 #define HEADER_END_BEFORE_PADDING(header) \
121 (_dbus_string_get_length (&(header)->data) - (header)->padding)
124 * Invalidates all fields in the cache. This may be used when the
125 * cache is totally uninitialized (contains junk) so should not
126 * look at what's in there now.
128 * @param header the header
131 _dbus_header_cache_invalidate_all (DBusHeader *header)
136 while (i <= DBUS_HEADER_FIELD_LAST)
138 header->fields[i].value_pos = _DBUS_HEADER_FIELD_VALUE_UNKNOWN;
146 * @param header the header
147 * @param field_code the field
148 * @param variant_reader the reader for the variant in the field
151 _dbus_header_cache_one (DBusHeader *header,
153 DBusTypeReader *variant_reader)
157 variant_type = _dbus_type_reader_get_current_type (variant_reader);
159 header->fields[field_code].value_pos =
160 _dbus_type_reader_get_value_pos (variant_reader);
163 _dbus_verbose ("cached value_pos %d for field %d\n",
164 header->fields[field_code].value_pos, field_code)
169 * Revalidates the fields cache
171 * @param header the header
174 _dbus_header_cache_revalidate (DBusHeader *header)
176 DBusTypeReader array;
177 DBusTypeReader reader;
181 while (i <= DBUS_HEADER_FIELD_LAST)
183 header->fields[i].value_pos = _DBUS_HEADER_FIELD_VALUE_NONEXISTENT;
187 _dbus_type_reader_init (&reader,
189 &_dbus_header_signature_str,
190 FIELDS_ARRAY_SIGNATURE_OFFSET,
192 FIELDS_ARRAY_LENGTH_OFFSET);
194 _dbus_type_reader_recurse (&reader, &array);
196 while (_dbus_type_reader_get_current_type (&array) != DBUS_TYPE_INVALID)
199 DBusTypeReader variant;
200 unsigned char field_code;
202 _dbus_type_reader_recurse (&array, &sub);
204 _dbus_assert (_dbus_type_reader_get_current_type (&sub) == DBUS_TYPE_BYTE);
205 _dbus_type_reader_read_basic (&sub, &field_code);
207 /* Unknown fields should be ignored */
208 if (field_code > DBUS_HEADER_FIELD_LAST)
211 _dbus_type_reader_next (&sub);
213 _dbus_assert (_dbus_type_reader_get_current_type (&sub) == DBUS_TYPE_VARIANT);
214 _dbus_type_reader_recurse (&sub, &variant);
216 _dbus_header_cache_one (header, field_code, &variant);
219 _dbus_type_reader_next (&array);
224 * Checks for a field, updating the cache if required.
226 * @param header the header
227 * @param field the field to check
228 * @returns #FALSE if the field doesn't exist
231 _dbus_header_cache_check (DBusHeader *header,
234 _dbus_assert (field <= DBUS_HEADER_FIELD_LAST);
236 if (header->fields[field].value_pos == _DBUS_HEADER_FIELD_VALUE_UNKNOWN)
237 _dbus_header_cache_revalidate (header);
239 if (header->fields[field].value_pos == _DBUS_HEADER_FIELD_VALUE_NONEXISTENT)
246 * Checks whether a field is known not to exist. It may exist
247 * even if it's not known to exist.
249 * @param header the header
250 * @param field the field to check
251 * @returns #FALSE if the field definitely doesn't exist
254 _dbus_header_cache_known_nonexistent (DBusHeader *header,
257 _dbus_assert (field <= DBUS_HEADER_FIELD_LAST);
259 return (header->fields[field].value_pos == _DBUS_HEADER_FIELD_VALUE_NONEXISTENT);
263 * Writes a struct of { byte, variant } with the given basic type.
265 * @param writer the writer (should be ready to write a struct)
266 * @param type the type of the value
267 * @param value the value as for _dbus_marshal_set_basic()
268 * @returns #FALSE if no memory
271 write_basic_field (DBusTypeWriter *writer,
277 DBusTypeWriter variant;
280 unsigned char field_byte;
281 DBusString contained_type;
284 start = writer->value_pos;
285 padding = _dbus_string_get_length (writer->value_str) - start;
287 if (!_dbus_type_writer_recurse (writer, DBUS_TYPE_STRUCT,
292 if (!_dbus_type_writer_write_basic (&sub, DBUS_TYPE_BYTE,
298 _dbus_string_init_const_len (&contained_type, buf, 1);
300 if (!_dbus_type_writer_recurse (&sub, DBUS_TYPE_VARIANT,
301 &contained_type, 0, &variant))
304 if (!_dbus_type_writer_write_basic (&variant, type, value))
307 if (!_dbus_type_writer_unrecurse (&sub, &variant))
310 if (!_dbus_type_writer_unrecurse (writer, &sub))
316 _dbus_string_delete (writer->value_str,
318 _dbus_string_get_length (writer->value_str) - start - padding);
323 * Sets a struct of { byte, variant } with the given basic type.
325 * @param reader the reader (should be iterating over the array pointing at the field to set)
326 * @param type the type of the value
327 * @param value the value as for _dbus_marshal_set_basic()
328 * @param realign_root where to realign from
329 * @returns #FALSE if no memory
332 set_basic_field (DBusTypeReader *reader,
336 const DBusTypeReader *realign_root)
339 DBusTypeReader variant;
341 _dbus_type_reader_recurse (reader, &sub);
343 _dbus_assert (_dbus_type_reader_get_current_type (&sub) == DBUS_TYPE_BYTE);
344 #ifndef DBUS_DISABLE_ASSERT
346 unsigned char v_BYTE;
347 _dbus_type_reader_read_basic (&sub, &v_BYTE);
348 _dbus_assert (((int) v_BYTE) == field);
352 if (!_dbus_type_reader_next (&sub))
353 _dbus_assert_not_reached ("no variant field?");
355 _dbus_type_reader_recurse (&sub, &variant);
356 _dbus_assert (_dbus_type_reader_get_current_type (&variant) == type);
358 if (!_dbus_type_reader_set_basic (&variant, value, realign_root))
365 * Gets the type of the message.
367 * @param header the header
371 _dbus_header_get_message_type (DBusHeader *header)
375 type = _dbus_string_get_byte (&header->data, TYPE_OFFSET);
376 _dbus_assert (type != DBUS_MESSAGE_TYPE_INVALID);
382 * Sets the serial number of a header. This can only be done once on
385 * @param header the header
386 * @param serial the serial
389 _dbus_header_set_serial (DBusHeader *header,
390 dbus_uint32_t serial)
392 /* we use this function to set the serial on outgoing
393 * messages, and to reset the serial in dbus_message_copy;
394 * this assertion should catch a double-set on outgoing.
396 _dbus_assert (_dbus_header_get_serial (header) == 0 ||
399 _dbus_marshal_set_uint32 (&header->data,
406 * See dbus_message_get_serial()
408 * @param header the header
409 * @returns the client serial
412 _dbus_header_get_serial (DBusHeader *header)
414 return _dbus_marshal_read_uint32 (&header->data,
421 * Re-initializes a header that was previously initialized and never
422 * freed. After this, to make the header valid you have to call
423 * _dbus_header_create().
425 * @param header header to re-initialize
426 * @param byte_order byte order of the header
429 _dbus_header_reinit (DBusHeader *header,
432 _dbus_string_set_length (&header->data, 0);
434 header->byte_order = byte_order;
437 _dbus_header_cache_invalidate_all (header);
441 * Initializes a header, but doesn't prepare it for use;
442 * to make the header valid, you have to call _dbus_header_create().
444 * @param header header to initialize
445 * @param byte_order byte order of the header
446 * @returns #FALSE if not enough memory
449 _dbus_header_init (DBusHeader *header,
452 if (!_dbus_string_init_preallocated (&header->data, 32))
455 _dbus_header_reinit (header, byte_order);
463 * @param header the header
466 _dbus_header_free (DBusHeader *header)
468 _dbus_string_free (&header->data);
472 * Initializes dest with a copy of the given header.
473 * Resets the message serial to 0 on the copy.
475 * @param header header to copy
476 * @param dest destination for copy
477 * @returns #FALSE if not enough memory
480 _dbus_header_copy (const DBusHeader *header,
485 if (!_dbus_string_init_preallocated (&dest->data,
486 _dbus_string_get_length (&header->data)))
489 if (!_dbus_string_copy (&header->data, 0, &dest->data, 0))
491 _dbus_string_free (&dest->data);
495 /* Reset the serial */
496 _dbus_header_set_serial (dest, 0);
502 * Fills in the primary fields of the header, so the header is ready
503 * for use. #NULL may be specified for some or all of the fields to
504 * avoid adding those fields. Some combinations of fields don't make
505 * sense, and passing them in will trigger an assertion failure.
507 * @param header the header
508 * @param message_type the message type
509 * @param destination destination field or #NULL
510 * @param path path field or #NULL
511 * @param interface interface field or #NULL
512 * @param member member field or #NULL
513 * @param error_name error name or #NULL
514 * @returns #FALSE if not enough memory
517 _dbus_header_create (DBusHeader *header,
519 const char *destination,
521 const char *interface,
523 const char *error_name)
525 unsigned char v_BYTE;
526 dbus_uint32_t v_UINT32;
527 DBusTypeWriter writer;
528 DBusTypeWriter array;
530 _dbus_assert ((interface && member) ||
532 !(interface || member || error_name));
533 _dbus_assert (_dbus_string_get_length (&header->data) == 0);
535 if (!reserve_header_padding (header))
538 _dbus_type_writer_init_values_only (&writer, header->byte_order,
539 &_dbus_header_signature_str, 0,
541 HEADER_END_BEFORE_PADDING (header));
543 v_BYTE = header->byte_order;
544 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_BYTE,
548 v_BYTE = message_type;
549 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_BYTE,
553 v_BYTE = 0; /* flags */
554 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_BYTE,
558 v_BYTE = DBUS_MAJOR_PROTOCOL_VERSION;
559 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_BYTE,
563 v_UINT32 = 0; /* body length */
564 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_UINT32,
568 v_UINT32 = 0; /* serial */
569 if (!_dbus_type_writer_write_basic (&writer, DBUS_TYPE_UINT32,
573 if (!_dbus_type_writer_recurse (&writer, DBUS_TYPE_ARRAY,
574 &_dbus_header_signature_str,
575 FIELDS_ARRAY_SIGNATURE_OFFSET,
579 /* Marshal all the fields (Marshall Fields?) */
583 if (!write_basic_field (&array,
584 DBUS_HEADER_FIELD_PATH,
585 DBUS_TYPE_OBJECT_PATH,
590 if (destination != NULL)
592 if (!write_basic_field (&array,
593 DBUS_HEADER_FIELD_DESTINATION,
599 if (interface != NULL)
601 if (!write_basic_field (&array,
602 DBUS_HEADER_FIELD_INTERFACE,
610 if (!write_basic_field (&array,
611 DBUS_HEADER_FIELD_MEMBER,
617 if (error_name != NULL)
619 if (!write_basic_field (&array,
620 DBUS_HEADER_FIELD_ERROR_NAME,
626 if (!_dbus_type_writer_unrecurse (&writer, &array))
629 correct_header_padding (header);
634 _dbus_string_delete (&header->data, 0,
635 _dbus_string_get_length (&header->data) - header->padding);
636 correct_header_padding (header);
642 * Given data long enough to contain the length of the message body
643 * and the fields array, check whether the data is long enough to
644 * contain the entire message (assuming the claimed lengths are
645 * accurate). Also checks that the lengths are in sanity parameters.
647 * @param max_message_length maximum length of a valid message
648 * @param validity return location for why the data is invalid if it is
649 * @param byte_order return location for byte order
650 * @param fields_array_len return location for claimed fields array length
651 * @param header_len return location for claimed header length
652 * @param body_len return location for claimed body length
653 * @param str the data
654 * @param start start of data, 8-aligned
655 * @param len length of data
656 * @returns #TRUE if the data is long enough for the claimed length, and the lengths were valid
659 _dbus_header_have_message_untrusted (int max_message_length,
660 DBusValidity *validity,
662 int *fields_array_len,
665 const DBusString *str,
670 dbus_uint32_t header_len_unsigned;
671 dbus_uint32_t fields_array_len_unsigned;
672 dbus_uint32_t body_len_unsigned;
674 _dbus_assert (start >= 0);
675 _dbus_assert (start < _DBUS_INT_MAX / 2);
676 _dbus_assert (len >= 0);
678 _dbus_assert (start == (int) _DBUS_ALIGN_VALUE (start, 8));
680 *byte_order = _dbus_string_get_byte (str, start + BYTE_ORDER_OFFSET);
682 if (*byte_order != DBUS_LITTLE_ENDIAN && *byte_order != DBUS_BIG_ENDIAN)
684 *validity = DBUS_INVALID_BAD_BYTE_ORDER;
688 _dbus_assert (FIELDS_ARRAY_LENGTH_OFFSET + 4 <= len);
689 fields_array_len_unsigned = _dbus_marshal_read_uint32 (str, start + FIELDS_ARRAY_LENGTH_OFFSET,
692 if (fields_array_len_unsigned > (unsigned) max_message_length)
694 *validity = DBUS_INVALID_INSANE_FIELDS_ARRAY_LENGTH;
698 _dbus_assert (BODY_LENGTH_OFFSET + 4 < len);
699 body_len_unsigned = _dbus_marshal_read_uint32 (str, start + BODY_LENGTH_OFFSET,
702 if (body_len_unsigned > (unsigned) max_message_length)
704 *validity = DBUS_INVALID_INSANE_BODY_LENGTH;
708 header_len_unsigned = FIRST_FIELD_OFFSET + fields_array_len_unsigned;
709 header_len_unsigned = _DBUS_ALIGN_VALUE (header_len_unsigned, 8);
711 /* overflow should be impossible since the lengths aren't allowed to
714 _dbus_assert (max_message_length < _DBUS_INT_MAX / 2);
715 if (body_len_unsigned + header_len_unsigned > (unsigned) max_message_length)
717 *validity = DBUS_INVALID_MESSAGE_TOO_LONG;
721 _dbus_assert (body_len_unsigned < (unsigned) _DBUS_INT_MAX);
722 _dbus_assert (fields_array_len_unsigned < (unsigned) _DBUS_INT_MAX);
723 _dbus_assert (header_len_unsigned < (unsigned) _DBUS_INT_MAX);
725 *body_len = body_len_unsigned;
726 *fields_array_len = fields_array_len_unsigned;
727 *header_len = header_len_unsigned;
729 *validity = DBUS_VALID;
731 _dbus_verbose ("have %d bytes, need body %u + header %u = %u\n",
732 len, body_len_unsigned, header_len_unsigned,
733 body_len_unsigned + header_len_unsigned);
735 return (body_len_unsigned + header_len_unsigned) <= (unsigned) len;
739 check_mandatory_fields (DBusHeader *header)
741 #define REQUIRE_FIELD(name) do { if (header->fields[DBUS_HEADER_FIELD_##name].value_pos < 0) return DBUS_INVALID_MISSING_##name; } while (0)
743 switch (_dbus_header_get_message_type (header))
745 case DBUS_MESSAGE_TYPE_SIGNAL:
746 REQUIRE_FIELD (INTERFACE);
747 /* FALL THRU - signals also require the path and member */
748 case DBUS_MESSAGE_TYPE_METHOD_CALL:
749 REQUIRE_FIELD (PATH);
750 REQUIRE_FIELD (MEMBER);
752 case DBUS_MESSAGE_TYPE_ERROR:
753 REQUIRE_FIELD (ERROR_NAME);
754 REQUIRE_FIELD (REPLY_SERIAL);
756 case DBUS_MESSAGE_TYPE_METHOD_RETURN:
757 REQUIRE_FIELD (REPLY_SERIAL);
760 /* other message types allowed but ignored */
768 load_and_validate_field (DBusHeader *header,
770 DBusTypeReader *variant_reader)
774 const DBusString *value_str;
776 dbus_uint32_t v_UINT32;
778 dbus_bool_t (* string_validation_func) (const DBusString *str,
781 /* Supposed to have been checked already */
782 _dbus_assert (field <= DBUS_HEADER_FIELD_LAST);
783 _dbus_assert (field != DBUS_HEADER_FIELD_INVALID);
785 /* Before we can cache a field, we need to know it has the right type */
786 type = _dbus_type_reader_get_current_type (variant_reader);
788 _dbus_assert (_dbus_header_field_types[field].code == field);
790 expected_type = EXPECTED_TYPE_OF_FIELD (field);
791 if (type != expected_type)
793 _dbus_verbose ("Field %d should have type %d but has %d\n",
794 field, expected_type, type);
795 return DBUS_INVALID_HEADER_FIELD_HAS_WRONG_TYPE;
798 /* If the field was provided twice, we aren't happy */
799 if (header->fields[field].value_pos >= 0)
801 _dbus_verbose ("Header field %d seen a second time\n", field);
802 return DBUS_INVALID_HEADER_FIELD_APPEARS_TWICE;
805 /* Now we can cache and look at the field content */
806 _dbus_verbose ("initially caching field %d\n", field);
807 _dbus_header_cache_one (header, field, variant_reader);
809 string_validation_func = NULL;
811 /* make compiler happy that all this is initialized */
815 bad_string_code = DBUS_VALID;
817 if (expected_type == DBUS_TYPE_UINT32)
819 _dbus_header_get_field_basic (header, field, expected_type,
822 else if (expected_type == DBUS_TYPE_STRING ||
823 expected_type == DBUS_TYPE_OBJECT_PATH ||
824 expected_type == DBUS_TYPE_SIGNATURE)
826 _dbus_header_get_field_raw (header, field,
827 &value_str, &value_pos);
831 _dbus_assert_not_reached ("none of the known fields should have this type");
836 case DBUS_HEADER_FIELD_DESTINATION:
837 string_validation_func = _dbus_validate_bus_name;
838 bad_string_code = DBUS_INVALID_BAD_DESTINATION;
840 case DBUS_HEADER_FIELD_INTERFACE:
841 string_validation_func = _dbus_validate_interface;
842 bad_string_code = DBUS_INVALID_BAD_INTERFACE;
844 if (_dbus_string_equal_substring (&_dbus_local_interface_str,
846 _dbus_string_get_length (&_dbus_local_interface_str),
847 value_str, value_pos))
849 _dbus_verbose ("Message is on the local interface\n");
850 return DBUS_INVALID_USES_LOCAL_INTERFACE;
854 case DBUS_HEADER_FIELD_MEMBER:
855 string_validation_func = _dbus_validate_member;
856 bad_string_code = DBUS_INVALID_BAD_MEMBER;
859 case DBUS_HEADER_FIELD_ERROR_NAME:
860 string_validation_func = _dbus_validate_error_name;
861 bad_string_code = DBUS_INVALID_BAD_ERROR_NAME;
864 case DBUS_HEADER_FIELD_SENDER:
865 string_validation_func = _dbus_validate_bus_name;
866 bad_string_code = DBUS_INVALID_BAD_SENDER;
869 case DBUS_HEADER_FIELD_PATH:
870 /* OBJECT_PATH was validated generically due to its type */
871 string_validation_func = NULL;
873 _dbus_verbose ("value_str %p value_pos %d value_str_len %d\n",
874 value_str, value_pos,
875 _dbus_string_get_length (value_str));
876 if (_dbus_string_equal_substring (&_dbus_local_path_str,
878 _dbus_string_get_length (&_dbus_local_path_str),
879 value_str, value_pos))
881 _dbus_verbose ("Message is from the local path\n");
882 return DBUS_INVALID_USES_LOCAL_PATH;
886 case DBUS_HEADER_FIELD_REPLY_SERIAL:
890 return DBUS_INVALID_BAD_SERIAL;
894 case DBUS_HEADER_FIELD_SIGNATURE:
895 /* SIGNATURE validated generically due to its type */
896 string_validation_func = NULL;
900 _dbus_assert_not_reached ("unknown field shouldn't be seen here");
904 if (string_validation_func)
908 _dbus_assert (bad_string_code != DBUS_VALID);
910 len = _dbus_marshal_read_uint32 (value_str, value_pos,
911 header->byte_order, NULL);
913 if (!(*string_validation_func) (value_str, value_pos + 4, len))
914 return bad_string_code;
921 * Creates a message header from potentially-untrusted data. The
922 * return value is #TRUE if there was enough memory and the data was
923 * valid. If it returns #TRUE, the header will be created. If it
924 * returns #FALSE and *validity == #DBUS_VALID, then there wasn't
925 * enough memory. If it returns #FALSE and *validity != #DBUS_VALID
926 * then the data was invalid.
928 * The byte_order, fields_array_len, and body_len args should be from
929 * _dbus_header_have_message_untrusted(). Validation performed in
930 * _dbus_header_have_message_untrusted() is assumed to have been
933 * @param header the header (must be initialized)
934 * @param mode whether to do validation
935 * @param validity return location for invalidity reason
936 * @param byte_order byte order from header
937 * @param fields_array_len claimed length of fields array
938 * @param body_len claimed length of body
939 * @param header_len claimed length of header
940 * @param str a string
941 * @param start start of header, 8-aligned
942 * @param len length of string to look at
943 * @returns #FALSE if no memory or data was invalid, #TRUE otherwise
946 _dbus_header_load (DBusHeader *header,
947 DBusValidationMode mode,
948 DBusValidity *validity,
950 int fields_array_len,
953 const DBusString *str,
959 DBusTypeReader reader;
960 DBusTypeReader array_reader;
961 unsigned char v_byte;
962 dbus_uint32_t v_uint32;
963 dbus_uint32_t serial;
968 _dbus_assert (start == (int) _DBUS_ALIGN_VALUE (start, 8));
969 _dbus_assert (header_len <= len);
970 _dbus_assert (_dbus_string_get_length (&header->data) == 0);
972 if (!_dbus_string_copy_len (str, start, header_len, &header->data, 0))
974 _dbus_verbose ("Failed to copy buffer into new header\n");
975 *validity = DBUS_VALID;
979 if (mode == DBUS_VALIDATION_MODE_WE_TRUST_THIS_DATA_ABSOLUTELY)
981 leftover = len - header_len - body_len - start;
985 v = _dbus_validate_body_with_reason (&_dbus_header_signature_str, 0,
997 _dbus_assert (leftover < len);
999 padding_len = header_len - (FIRST_FIELD_OFFSET + fields_array_len);
1000 padding_start = start + FIRST_FIELD_OFFSET + fields_array_len;
1001 _dbus_assert (start + header_len == (int) _DBUS_ALIGN_VALUE (padding_start, 8));
1002 _dbus_assert (start + header_len == padding_start + padding_len);
1004 if (mode != DBUS_VALIDATION_MODE_WE_TRUST_THIS_DATA_ABSOLUTELY)
1006 if (!_dbus_string_validate_nul (str, padding_start, padding_len))
1008 *validity = DBUS_INVALID_ALIGNMENT_PADDING_NOT_NUL;
1013 header->padding = padding_len;
1015 if (mode == DBUS_VALIDATION_MODE_WE_TRUST_THIS_DATA_ABSOLUTELY)
1017 *validity = DBUS_VALID;
1021 /* We now know the data is well-formed, but we have to check that
1025 _dbus_type_reader_init (&reader,
1027 &_dbus_header_signature_str, 0,
1031 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_BYTE);
1032 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == BYTE_ORDER_OFFSET);
1033 _dbus_type_reader_read_basic (&reader, &v_byte);
1034 _dbus_type_reader_next (&reader);
1036 _dbus_assert (v_byte == byte_order);
1039 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_BYTE);
1040 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == TYPE_OFFSET);
1041 _dbus_type_reader_read_basic (&reader, &v_byte);
1042 _dbus_type_reader_next (&reader);
1044 /* unknown message types are supposed to be ignored, so only validation here is
1045 * that it isn't invalid
1047 if (v_byte == DBUS_MESSAGE_TYPE_INVALID)
1049 *validity = DBUS_INVALID_BAD_MESSAGE_TYPE;
1054 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_BYTE);
1055 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == FLAGS_OFFSET);
1056 _dbus_type_reader_read_basic (&reader, &v_byte);
1057 _dbus_type_reader_next (&reader);
1059 /* unknown flags should be ignored */
1061 /* PROTOCOL VERSION */
1062 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_BYTE);
1063 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == VERSION_OFFSET);
1064 _dbus_type_reader_read_basic (&reader, &v_byte);
1065 _dbus_type_reader_next (&reader);
1067 if (v_byte != DBUS_MAJOR_PROTOCOL_VERSION)
1069 *validity = DBUS_INVALID_BAD_PROTOCOL_VERSION;
1074 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_UINT32);
1075 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == BODY_LENGTH_OFFSET);
1076 _dbus_type_reader_read_basic (&reader, &v_uint32);
1077 _dbus_type_reader_next (&reader);
1079 _dbus_assert (body_len == (signed) v_uint32);
1082 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_UINT32);
1083 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == SERIAL_OFFSET);
1084 _dbus_type_reader_read_basic (&reader, &serial);
1085 _dbus_type_reader_next (&reader);
1089 *validity = DBUS_INVALID_BAD_SERIAL;
1093 _dbus_assert (_dbus_type_reader_get_current_type (&reader) == DBUS_TYPE_ARRAY);
1094 _dbus_assert (_dbus_type_reader_get_value_pos (&reader) == FIELDS_ARRAY_LENGTH_OFFSET);
1096 _dbus_type_reader_recurse (&reader, &array_reader);
1097 while (_dbus_type_reader_get_current_type (&array_reader) != DBUS_TYPE_INVALID)
1099 DBusTypeReader struct_reader;
1100 DBusTypeReader variant_reader;
1101 unsigned char field_code;
1103 _dbus_assert (_dbus_type_reader_get_current_type (&array_reader) == DBUS_TYPE_STRUCT);
1105 _dbus_type_reader_recurse (&array_reader, &struct_reader);
1107 _dbus_assert (_dbus_type_reader_get_current_type (&struct_reader) == DBUS_TYPE_BYTE);
1108 _dbus_type_reader_read_basic (&struct_reader, &field_code);
1109 _dbus_type_reader_next (&struct_reader);
1111 if (field_code == DBUS_HEADER_FIELD_INVALID)
1113 _dbus_verbose ("invalid header field code\n");
1114 *validity = DBUS_INVALID_HEADER_FIELD_CODE;
1118 if (field_code > DBUS_HEADER_FIELD_LAST)
1120 _dbus_verbose ("unknown header field code %d, skipping\n",
1125 _dbus_assert (_dbus_type_reader_get_current_type (&struct_reader) == DBUS_TYPE_VARIANT);
1126 _dbus_type_reader_recurse (&struct_reader, &variant_reader);
1128 v = load_and_validate_field (header, field_code, &variant_reader);
1129 if (v != DBUS_VALID)
1131 _dbus_verbose ("Field %d was invalid\n", field_code);
1137 _dbus_type_reader_next (&array_reader);
1140 /* Anything we didn't fill in is now known not to exist */
1142 while (i <= DBUS_HEADER_FIELD_LAST)
1144 if (header->fields[i].value_pos == _DBUS_HEADER_FIELD_VALUE_UNKNOWN)
1145 header->fields[i].value_pos = _DBUS_HEADER_FIELD_VALUE_NONEXISTENT;
1149 v = check_mandatory_fields (header);
1150 if (v != DBUS_VALID)
1152 _dbus_verbose ("Mandatory fields were missing, code %d\n", v);
1157 *validity = DBUS_VALID;
1161 _dbus_string_set_length (&header->data, 0);
1166 * Fills in the correct body length.
1168 * @param header the header
1169 * @param body_len the length of the body
1172 _dbus_header_update_lengths (DBusHeader *header,
1175 _dbus_marshal_set_uint32 (&header->data,
1178 header->byte_order);
1182 find_field_for_modification (DBusHeader *header,
1184 DBusTypeReader *reader,
1185 DBusTypeReader *realign_root)
1191 _dbus_type_reader_init (realign_root,
1193 &_dbus_header_signature_str,
1194 FIELDS_ARRAY_SIGNATURE_OFFSET,
1196 FIELDS_ARRAY_LENGTH_OFFSET);
1198 _dbus_type_reader_recurse (realign_root, reader);
1200 while (_dbus_type_reader_get_current_type (reader) != DBUS_TYPE_INVALID)
1203 unsigned char field_code;
1205 _dbus_type_reader_recurse (reader, &sub);
1207 _dbus_assert (_dbus_type_reader_get_current_type (&sub) == DBUS_TYPE_BYTE);
1208 _dbus_type_reader_read_basic (&sub, &field_code);
1210 if (field_code == (unsigned) field)
1212 _dbus_assert (_dbus_type_reader_get_current_type (reader) == DBUS_TYPE_STRUCT);
1217 _dbus_type_reader_next (reader);
1225 * Sets the value of a field with basic type. If the value is a string
1226 * value, it isn't allowed to be #NULL. If the field doesn't exist,
1227 * it will be created.
1229 * @param header the header
1230 * @param field the field to set
1231 * @param type the type of the value
1232 * @param value the value as for _dbus_marshal_set_basic()
1233 * @returns #FALSE if no memory
1236 _dbus_header_set_field_basic (DBusHeader *header,
1241 _dbus_assert (field <= DBUS_HEADER_FIELD_LAST);
1243 if (!reserve_header_padding (header))
1246 /* If the field exists we set, otherwise we append */
1247 if (_dbus_header_cache_check (header, field))
1249 DBusTypeReader reader;
1250 DBusTypeReader realign_root;
1252 if (!find_field_for_modification (header, field,
1253 &reader, &realign_root))
1254 _dbus_assert_not_reached ("field was marked present in cache but wasn't found");
1256 if (!set_basic_field (&reader, field, type, value, &realign_root))
1261 DBusTypeWriter writer;
1262 DBusTypeWriter array;
1264 _dbus_type_writer_init_values_only (&writer,
1266 &_dbus_header_signature_str,
1267 FIELDS_ARRAY_SIGNATURE_OFFSET,
1269 FIELDS_ARRAY_LENGTH_OFFSET);
1271 /* recurse into array without creating a new length, and jump to
1274 if (!_dbus_type_writer_append_array (&writer,
1275 &_dbus_header_signature_str,
1276 FIELDS_ARRAY_ELEMENT_SIGNATURE_OFFSET,
1278 _dbus_assert_not_reached ("recurse into ARRAY should not have used memory");
1280 _dbus_assert (array.u.array.len_pos == FIELDS_ARRAY_LENGTH_OFFSET);
1281 _dbus_assert (array.u.array.start_pos == FIRST_FIELD_OFFSET);
1282 _dbus_assert (array.value_pos == HEADER_END_BEFORE_PADDING (header));
1284 if (!write_basic_field (&array,
1285 field, type, value))
1288 if (!_dbus_type_writer_unrecurse (&writer, &array))
1289 _dbus_assert_not_reached ("unrecurse from ARRAY should not have used memory");
1292 correct_header_padding (header);
1294 /* We could be smarter about this (only invalidate fields after the
1295 * one we modified, or even only if the one we modified changed
1296 * length). But this hack is a start.
1298 _dbus_header_cache_invalidate_all (header);
1304 * Gets the value of a field with basic type. If the field
1305 * doesn't exist, returns #FALSE, otherwise returns #TRUE.
1307 * @param header the header
1308 * @param field the field to get
1309 * @param type the type of the value
1310 * @param value the value as for _dbus_marshal_read_basic()
1311 * @returns #FALSE if the field doesn't exist
1314 _dbus_header_get_field_basic (DBusHeader *header,
1319 _dbus_assert (field != DBUS_HEADER_FIELD_INVALID);
1320 _dbus_assert (field <= DBUS_HEADER_FIELD_LAST);
1321 _dbus_assert (_dbus_header_field_types[field].code == field);
1322 /* in light of this you might ask why the type is passed in;
1323 * the only rationale I can think of is so the caller has
1324 * to specify its expectation and breaks if we change it
1326 _dbus_assert (type == EXPECTED_TYPE_OF_FIELD (field));
1328 if (!_dbus_header_cache_check (header, field))
1331 _dbus_assert (header->fields[field].value_pos >= 0);
1333 _dbus_marshal_read_basic (&header->data,
1334 header->fields[field].value_pos,
1335 type, value, header->byte_order,
1342 * Gets the raw marshaled data for a field. If the field doesn't
1343 * exist, returns #FALSE, otherwise returns #TRUE. Returns the start
1344 * of the marshaled data, i.e. usually the byte where the length
1345 * starts (for strings and arrays) or for basic types just the value
1348 * @param header the header
1349 * @param field the field to get
1350 * @param str return location for the data string
1351 * @param pos return location for start of field value
1352 * @returns #FALSE if the field doesn't exist
1355 _dbus_header_get_field_raw (DBusHeader *header,
1357 const DBusString **str,
1360 if (!_dbus_header_cache_check (header, field))
1364 *str = &header->data;
1366 *pos = header->fields[field].value_pos;
1372 * Deletes a field, if it exists.
1374 * @param header the header
1375 * @param field the field to delete
1376 * @returns #FALSE if no memory
1379 _dbus_header_delete_field (DBusHeader *header,
1382 DBusTypeReader reader;
1383 DBusTypeReader realign_root;
1385 if (_dbus_header_cache_known_nonexistent (header, field))
1386 return TRUE; /* nothing to do */
1388 /* Scan to the field we want, delete and realign, reappend
1389 * padding. Field may turn out not to exist.
1391 if (!find_field_for_modification (header, field,
1392 &reader, &realign_root))
1393 return TRUE; /* nothing to do */
1395 if (!reserve_header_padding (header))
1398 if (!_dbus_type_reader_delete (&reader,
1402 correct_header_padding (header);
1404 _dbus_header_cache_invalidate_all (header);
1406 _dbus_assert (!_dbus_header_cache_check (header, field)); /* Expensive assertion ... */
1412 * Toggles a message flag bit, turning on the bit if value = TRUE and
1413 * flipping it off if value = FALSE.
1415 * @param header the header
1416 * @param flag the message flag to toggle
1417 * @param value toggle on or off
1420 _dbus_header_toggle_flag (DBusHeader *header,
1424 unsigned char *flags_p;
1426 flags_p = _dbus_string_get_data_len (&header->data, FLAGS_OFFSET, 1);
1435 * Gets a message flag bit, returning TRUE if the bit is set.
1437 * @param header the header
1438 * @param flag the message flag to get
1439 * @returns #TRUE if the flag is set
1442 _dbus_header_get_flag (DBusHeader *header,
1445 const unsigned char *flags_p;
1447 flags_p = _dbus_string_get_const_data_len (&header->data, FLAGS_OFFSET, 1);
1449 return (*flags_p & flag) != 0;
1453 * Swaps the header into the given order if required.
1455 * @param header the header
1456 * @param new_order the new byte order
1459 _dbus_header_byteswap (DBusHeader *header,
1462 if (header->byte_order == new_order)
1465 _dbus_marshal_byteswap (&_dbus_header_signature_str,
1466 0, header->byte_order,
1470 header->byte_order = new_order;
1475 #ifdef DBUS_BUILD_TESTS
1476 #include "dbus-test.h"
1480 _dbus_marshal_header_test (void)
1486 #endif /* DBUS_BUILD_TESTS */
projects / platform / upstream / dbus.git / blob