From c905385446bf1672f44af47c007b9708ec9bb0bc Mon Sep 17 00:00:00 2001
From: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Date: Mon, 6 May 2013 15:18:27 +0300
Subject: [PATCH] client: Check that strings passed to D-Bus to contain valid
 chars

D-Bus aborts if we feed invalid characters to it. So do some sanity
check before that.
---
 client/commands.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

diff --git a/client/commands.c b/client/commands.c
index d08c880..6f8ec62 100644
--- a/client/commands.c
+++ b/client/commands.c
@@ -65,6 +65,27 @@ static char *ipv6[] = {
 
 static int cmd_help(char *args[], int num, struct connman_option *options);
 
+static bool check_dbus_name(const char *name)
+{
+	/*
+	 * Valid dbus chars should be [A-Z][a-z][0-9]_
+	 * and should not start with number.
+	 */
+	unsigned int i;
+
+	if (name == NULL || (name[0] >= '0' && name[0] <= '9'))
+		return false;
+
+	for (i = 0; i < strlen(name); i++)
+		if (!((name[i] >= 'A' && name[i] <= 'Z') ||
+				(name[i] >= 'a' && name[i] <= 'z') ||
+				(name[i] >= '0' && name[i] <= '9') ||
+				name[i] == '_'))
+			return false;
+
+	return true;
+}
+
 static int parse_boolean(char *arg)
 {
 	if (arg == NULL)
@@ -141,6 +162,9 @@ static int cmd_enable(char *args[], int num, struct connman_option *options)
 	if (num < 2)
 		return -EINVAL;
 
+	if (check_dbus_name(args[1]) == false)
+		return -EINVAL;
+
 	if (strcmp(args[1], "offlinemode") == 0) {
 		tech = g_strdup(args[1]);
 		return __connmanctl_dbus_set_property(connection, "/",
@@ -187,6 +211,9 @@ static int cmd_disable(char *args[], int num, struct connman_option *options)
 	if (num < 2)
 		return -EINVAL;
 
+	if (check_dbus_name(args[1]) == false)
+		return -EINVAL;
+
 	if (strcmp(args[1], "offlinemode") == 0) {
 		tech = g_strdup(args[1]);
 		return __connmanctl_dbus_set_property(connection, "/",
@@ -295,6 +322,9 @@ static int cmd_services(char *args[], int num, struct connman_option *options)
 		break;
 	}
 
+	if (check_dbus_name(service_name) == false)
+		return -EINVAL;
+
 	if (service_name == NULL) {
 		return __connmanctl_dbus_method_call(connection, "/",
 			"net.connman.Manager", "GetServices",
@@ -522,6 +552,9 @@ static int cmd_tether(char *args[], int num, struct connman_option *options)
 	if (set_tethering == -1)
 		return -EINVAL;
 
+	if (check_dbus_name(args[1]) == false)
+		return -EINVAL;
+
 	return tether_set(args[1], set_tethering);
 }
 
@@ -552,6 +585,9 @@ static int cmd_scan(char *args[], int num, struct connman_option *options)
 	if (num < 2)
 		return -EINVAL;
 
+	if (check_dbus_name(args[1]) == false)
+		return -EINVAL;
+
 	path = g_strdup_printf("/net/connman/technology/%s", args[1]);
 	return __connmanctl_dbus_method_call(connection, path,
 			"net.connman.Technology", "Scan",
@@ -585,6 +621,9 @@ static int cmd_connect(char *args[], int num, struct connman_option *options)
 	if (num < 2)
 		return -EINVAL;
 
+	if (check_dbus_name(args[1]) == false)
+		return -EINVAL;
+
 	path = g_strdup_printf("/net/connman/service/%s", args[1]);
 	return __connmanctl_dbus_method_call(connection, path,
 			"net.connman.Service", "Connect",
@@ -618,6 +657,9 @@ static int cmd_disconnect(char *args[], int num, struct connman_option *options)
 	if (num < 2)
 		return -EINVAL;
 
+	if (check_dbus_name(args[1]) == false)
+		return -EINVAL;
+
 	path = g_strdup_printf("/net/connman/service/%s", args[1]);
 	return __connmanctl_dbus_method_call(connection, path,
 			"net.connman.Service", "Disconnect",
@@ -838,6 +880,9 @@ static int cmd_config(char *args[], int num, struct connman_option *options)
 	if (service_name == NULL)
 		return -EINVAL;
 
+	if (check_dbus_name(service_name) == false)
+		return -EINVAL;
+
 	while (index < num && args[index] != NULL) {
 		c = parse_args(args[index], options);
 		opt_start = &args[index + 1];
-- 
2.7.4