X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=dbus%2Fdbus-marshal-validate.c;h=9187a3e9854220f1b1e014dc4abf6ef93e7c3d91;hb=3ccb027c907f9ee2890028e83b60296204bbf478;hp=aa470fc899cbf813ac0698ddcd67c227d749e60e;hpb=dbecdeabb20e0ce11121819c63373f0afba57c58;p=platform%2Fupstream%2Fdbus.git diff --git a/dbus/dbus-marshal-validate.c b/dbus/dbus-marshal-validate.c index aa470fc..9187a3e 100644 --- a/dbus/dbus-marshal-validate.c +++ b/dbus/dbus-marshal-validate.c @@ -250,7 +250,7 @@ _dbus_validate_signature_with_reason (const DBusString *type_str, if (last == DBUS_DICT_ENTRY_BEGIN_CHAR) { - if (!(_dbus_type_is_valid (*p) && dbus_type_is_basic (*p))) + if (!(dbus_type_is_valid (*p) && dbus_type_is_basic (*p))) { result = DBUS_INVALID_DICT_KEY_MUST_BE_BASIC_TYPE; goto out; @@ -291,16 +291,30 @@ out: return result; } +/* note: this function is also used to validate the header's values, + * since the header is a valid body with a particular signature. + */ static DBusValidity validate_body_helper (DBusTypeReader *reader, int byte_order, dbus_bool_t walk_reader_to_end, + int total_depth, const unsigned char *p, const unsigned char *end, const unsigned char **new_p) { int current_type; + /* The spec allows arrays and structs to each nest 32, for total + * nesting of 2*32. We want to impose the same limit on "dynamic" + * value nesting (not visible in the signature) which is introduced + * by DBUS_TYPE_VARIANT. + */ + if (total_depth > (DBUS_MAXIMUM_TYPE_RECURSION_DEPTH * 2)) + { + return DBUS_INVALID_NESTED_TOO_DEEPLY; + } + while ((current_type = _dbus_type_reader_get_current_type (reader)) != DBUS_TYPE_INVALID) { const unsigned char *a; @@ -379,7 +393,7 @@ validate_body_helper (DBusTypeReader *reader, { int array_elem_type = _dbus_type_reader_get_element_type (reader); - if (!_dbus_type_is_valid (array_elem_type)) + if (!dbus_type_is_valid (array_elem_type)) { return DBUS_INVALID_UNKNOWN_TYPECODE; } @@ -477,7 +491,9 @@ validate_body_helper (DBusTypeReader *reader, { while (p < array_end) { - validity = validate_body_helper (&sub, byte_order, FALSE, p, end, &p); + validity = validate_body_helper (&sub, byte_order, FALSE, + total_depth + 1, + p, end, &p); if (validity != DBUS_VALID) return validity; } @@ -594,7 +610,9 @@ validate_body_helper (DBusTypeReader *reader, _dbus_assert (_dbus_type_reader_get_current_type (&sub) != DBUS_TYPE_INVALID); - validity = validate_body_helper (&sub, byte_order, FALSE, p, end, &p); + validity = validate_body_helper (&sub, byte_order, FALSE, + total_depth + 1, + p, end, &p); if (validity != DBUS_VALID) return validity; @@ -623,7 +641,9 @@ validate_body_helper (DBusTypeReader *reader, _dbus_type_reader_recurse (reader, &sub); - validity = validate_body_helper (&sub, byte_order, TRUE, p, end, &p); + validity = validate_body_helper (&sub, byte_order, TRUE, + total_depth + 1, + p, end, &p); if (validity != DBUS_VALID) return validity; } @@ -708,7 +728,7 @@ _dbus_validate_body_with_reason (const DBusString *expected_signature, p = _dbus_string_get_const_data_len (value_str, value_pos, len); end = p + len; - validity = validate_body_helper (&reader, byte_order, TRUE, p, end, &p); + validity = validate_body_helper (&reader, byte_order, TRUE, 0, p, end, &p); if (validity != DBUS_VALID) return validity; @@ -878,7 +898,7 @@ _dbus_validity_to_error_message (DBusValidity validity) case DBUS_INVALID_DICT_ENTRY_HAS_TOO_MANY_FIELDS: return "Dict entry has too many fields"; case DBUS_INVALID_DICT_ENTRY_NOT_INSIDE_ARRAY: return "Dict entry not inside array"; case DBUS_INVALID_DICT_KEY_MUST_BE_BASIC_TYPE: return "Dict key must be basic type"; - + case DBUS_INVALID_NESTED_TOO_DEEPLY: return "Variants cannot be used to create a hugely recursive tree of values"; default: return "Invalid"; } @@ -1062,23 +1082,11 @@ _dbus_validate_error_name (const DBusString *str, ((c) >= 'a' && (c) <= 'z') || \ ((c) == '_') || ((c) == '-')) -/** - * Checks that the given range of the string is a valid bus name in - * the D-Bus protocol. This includes a length restriction, etc., see - * the specification. - * - * @todo this is inconsistent with most of DBusString in that - * it allows a start,len range that extends past the string end. - * - * @param str the string - * @param start first byte index to check - * @param len number of bytes to check - * @returns #TRUE if the byte range exists and is a valid name - */ -dbus_bool_t -_dbus_validate_bus_name (const DBusString *str, - int start, - int len) +static dbus_bool_t +_dbus_validate_bus_name_full (const DBusString *str, + int start, + int len, + dbus_bool_t is_namespace) { const unsigned char *s; const unsigned char *end; @@ -1156,13 +1164,55 @@ _dbus_validate_bus_name (const DBusString *str, ++s; } - if (_DBUS_UNLIKELY (last_dot == NULL)) + if (!is_namespace && _DBUS_UNLIKELY (last_dot == NULL)) return FALSE; return TRUE; } /** + * Checks that the given range of the string is a valid bus name in + * the D-Bus protocol. This includes a length restriction, etc., see + * the specification. + * + * @todo this is inconsistent with most of DBusString in that + * it allows a start,len range that extends past the string end. + * + * @param str the string + * @param start first byte index to check + * @param len number of bytes to check + * @returns #TRUE if the byte range exists and is a valid name + */ +dbus_bool_t +_dbus_validate_bus_name (const DBusString *str, + int start, + int len) +{ + return _dbus_validate_bus_name_full (str, start, len, FALSE); +} + +/** + * Checks that the given range of the string is a prefix of a valid bus name in + * the D-Bus protocol. Unlike _dbus_validate_bus_name(), this accepts strings + * with only one period-separated component. + * + * @todo this is inconsistent with most of DBusString in that + * it allows a start,len range that extends past the string end. + * + * @param str the string + * @param start first byte index to check + * @param len number of bytes to check + * @returns #TRUE if the byte range exists and is a valid name + */ +dbus_bool_t +_dbus_validate_bus_namespace (const DBusString *str, + int start, + int len) +{ + return _dbus_validate_bus_name_full (str, start, len, TRUE); +} + +/** * Checks that the given range of the string is a valid message type * signature in the D-Bus protocol. * @@ -1201,6 +1251,8 @@ DEFINE_DBUS_NAME_CHECK(error_name) DEFINE_DBUS_NAME_CHECK(bus_name) /** define _dbus_check_is_valid_signature() */ DEFINE_DBUS_NAME_CHECK(signature) +/** define _dbus_check_is_valid_utf8() */ +DEFINE_DBUS_NAME_CHECK(utf8) /** @} */