From b5351fa1d360751dd6fb40251cfa8664837613fb Mon Sep 17 00:00:00 2001 From: Mike Gorse Date: Mon, 16 May 2011 15:20:21 -0500 Subject: [PATCH] BGO#650286: Ensure valid UTF-8 from ATK When we receive strings from atk, we should ensure that they are valid UTF-8 before sending them over D-Bus, since bad UTF-8 will cause dbus-daemon to kill the connection. --- atk-adaptor/adaptors/text-adaptor.c | 26 ++++++++++++++++++-------- atk-adaptor/event.c | 9 +++++++-- droute/droute-variant.c | 7 +++++++ 3 files changed, 32 insertions(+), 10 deletions(-) diff --git a/atk-adaptor/adaptors/text-adaptor.c b/atk-adaptor/adaptors/text-adaptor.c index 0fa35f9..7a810b2 100644 --- a/atk-adaptor/adaptors/text-adaptor.c +++ b/atk-adaptor/adaptors/text-adaptor.c @@ -47,6 +47,20 @@ impl_get_CaretOffset (DBusMessageIter * iter, void *user_data) return droute_return_v_int32 (iter, atk_text_get_caret_offset (text)); } +static gchar * +validate_allocated_string (gchar *str) +{ + if (!str) + return g_strdup (""); + if (!g_utf8_validate (str, -1, NULL)) + { + g_warning ("atk-bridge: received bad UTF-8 string from a get_text function"); + g_free (str); + return g_strdup (""); + } + return str; +} + static DBusMessage * impl_GetText (DBusConnection * bus, DBusMessage * message, void *user_data) { @@ -66,8 +80,7 @@ impl_GetText (DBusConnection * bus, DBusMessage * message, void *user_data) return droute_invalid_arguments_error (message); } txt = atk_text_get_text (text, startOffset, endOffset); - if (!txt) - txt = g_strdup (""); + txt = validate_allocated_string (txt); reply = dbus_message_new_method_return (message); if (reply) { @@ -133,8 +146,7 @@ impl_GetTextBeforeOffset (DBusConnection * bus, DBusMessage * message, &intstart_offset, &intend_offset); startOffset = intstart_offset; endOffset = intend_offset; - if (!txt) - txt = g_strdup (""); + txt = validate_allocated_string (txt); reply = dbus_message_new_method_return (message); if (reply) { @@ -173,8 +185,7 @@ impl_GetTextAtOffset (DBusConnection * bus, DBusMessage * message, &intstart_offset, &intend_offset); startOffset = intstart_offset; endOffset = intend_offset; - if (!txt) - txt = g_strdup (""); + txt = validate_allocated_string (txt); reply = dbus_message_new_method_return (message); if (reply) { @@ -214,8 +225,7 @@ impl_GetTextAfterOffset (DBusConnection * bus, DBusMessage * message, &intstart_offset, &intend_offset); startOffset = intstart_offset; endOffset = intend_offset; - if (!txt) - txt = g_strdup (""); + txt = validate_allocated_string (txt); reply = dbus_message_new_method_return (message); if (reply) { diff --git a/atk-adaptor/event.c b/atk-adaptor/event.c index d489a13..8d04246 100644 --- a/atk-adaptor/event.c +++ b/atk-adaptor/event.c @@ -228,7 +228,7 @@ convert_signal_name (const gchar * s) } static const void * -replace_null (const gint type, +validate_for_dbus (const gint type, const void *val) { switch (type) @@ -237,6 +237,11 @@ replace_null (const gint type, case DBUS_TYPE_OBJECT_PATH: if (!val) return ""; + else if (!g_utf8_validate (val, -1, NULL)) + { + g_warning ("atk-bridge: Received bad UTF-8 string when emitting event"); + return ""; + } else return val; default: @@ -253,7 +258,7 @@ append_basic (DBusMessageIter *iter, dbus_message_iter_open_container(iter, DBUS_TYPE_VARIANT, type, &sub); - val = replace_null ((int) *type, val); + val = validate_for_dbus ((int) *type, val); dbus_message_iter_append_basic(&sub, (int) *type, &val); dbus_message_iter_close_container(iter, &sub); diff --git a/droute/droute-variant.c b/droute/droute-variant.c index d4b5ca6..bd5ef36 100644 --- a/droute/droute-variant.c +++ b/droute/droute-variant.c @@ -22,6 +22,7 @@ #include #include +#include "glib.h" #include "droute-variant.h" @@ -64,6 +65,12 @@ droute_return_v_string (DBusMessageIter *iter, const char *val) if (!val) val = ""; + if (!g_utf8_validate (val, -1, NULL)) + { + g_warning ("droute: Received bad UTF-8 string"); + val = ""; + } + if (!dbus_message_iter_open_container (iter, DBUS_TYPE_VARIANT, DBUS_TYPE_STRING_AS_STRING, &sub)) { -- 2.7.4