kdbus: check policy first, only then open kdbus

A process shouldn't hold an open kdbus descriptor, if according to
security policy this process has no rights to open the bus at all.

Change-Id: Icd5a0c8fd68e1a7ec0e419f77272d279cf3289f6

diff --git a/gio/gkdbus.c b/gio/gkdbus.c
index 9ec411a..ba12aa7 100755 (executable)
--- a/gio/gkdbus.c
+++ b/gio/gkdbus.c
@@ -558,25 +558,26 @@ _g_kdbus_open (GKDBusWorker  *worker,
   g_return_val_if_fail (G_IS_KDBUS_WORKER (worker), FALSE);
   g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
 
-  worker->fd = g_open(address, O_RDWR|O_NOCTTY|O_CLOEXEC, 0);
-  if (worker->fd<0)
-    {
-      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, _("Cannot open kdbus endpoint"));
-      return FALSE;
-    }
-
 #ifdef LIBDBUSPOLICY
   worker->dbuspolicy = dbuspolicy1_init (address);
   if (worker->dbuspolicy == NULL)
     {
-      close (worker->fd);
-      worker->fd = -1;
-
-      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, _("Cannot load dbus policy for kdbus transport"));
+      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, _("Cannot load dbus policy for kdbus transport or access to bus denied by security policy"));
       return FALSE;
     }
 #endif
 
+  worker->fd = g_open(address, O_RDWR|O_NOCTTY|O_CLOEXEC, 0);
+  if (worker->fd<0)
+    {
+#ifdef LIBDBUSPOLICY
+      dbuspolicy1_free (worker->dbuspolicy);
+      worker->dbuspolicy = NULL;
+#endif
+      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, _("Cannot open kdbus endpoint"));
+      return FALSE;
+    }
+
   worker->closed = FALSE;
   return TRUE;
 }