From 0222b49f2e78f917561ec609f1d8d42a79044c41 Mon Sep 17 00:00:00 2001
From: Yu <jiung.yu@samsung.com>
Date: Fri, 15 May 2020 16:01:39 +0900
Subject: [PATCH] Add logic to detect buffer overflow for snprintf

Change-Id: I60f835aeed101ef61a2bbb73bf2fc8c2c7327d50
Signed-off-by: Yu jiung <jiung.yu@samsung.com>
---
 gdbus/watch.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)

diff --git a/gdbus/watch.c b/gdbus/watch.c
index 447e486..c51e60d 100755
--- a/gdbus/watch.c
+++ b/gdbus/watch.c
@@ -136,6 +136,51 @@ static struct filter_data *filter_data_find(DBusConnection *connection)
 	return NULL;
 }
 
+#if defined TIZEN_EXT
+#define SENDER_PREFIX ",sender='%s'"
+#define PATH_PREFIX ",path='%s'"
+#define IFACE_PREFIX ",interface='%s'"
+#define MEMBER_PREFIX ",member='%s'"
+#define ARG0_PREFIX ",arg0='%s'"
+
+static gboolean check_rule_length(int remains, const char *prefix, const char *data)
+{
+	if (!prefix || !data)
+		return FALSE;
+
+	return strlen(prefix) - 4 + strlen(data) < remains;
+}
+
+static void format_rule(struct filter_data *data, char *rule, size_t size)
+{
+	const char *sender;
+	int offset;
+
+	offset = snprintf(rule, size, "type='signal'");
+	sender = data->name ? : data->owner;
+
+	if (sender &&
+			check_rule_length(size - offset, SENDER_PREFIX, sender))
+		offset += snprintf(rule + offset, size - offset,
+				SENDER_PREFIX, sender);
+	if (data->path &&
+			check_rule_length(size - offset, PATH_PREFIX, data->path))
+		offset += snprintf(rule + offset, size - offset,
+				PATH_PREFIX, data->path);
+	if (data->interface &&
+			check_rule_length(size - offset, IFACE_PREFIX, data->interface))
+		offset += snprintf(rule + offset, size - offset,
+				IFACE_PREFIX, data->interface);
+	if (data->member &&
+			check_rule_length(size - offset, MEMBER_PREFIX, data->member))
+		offset += snprintf(rule + offset, size - offset,
+				MEMBER_PREFIX, data->member);
+	if (data->argument &&
+			check_rule_length(size - offset, ARG0_PREFIX, data->argument))
+		snprintf(rule + offset, size - offset,
+				ARG0_PREFIX, data->argument);
+}
+#else
 static void format_rule(struct filter_data *data, char *rule, size_t size)
 {
 	const char *sender;
@@ -160,6 +205,7 @@ static void format_rule(struct filter_data *data, char *rule, size_t size)
 		snprintf(rule + offset, size - offset,
 				",arg0='%s'", data->argument);
 }
+#endif
 
 static gboolean add_match(struct filter_data *data,
 				DBusHandleMessageFunction filter)
-- 
2.7.4