Skip to content

Commit

Permalink
[plugins] Validate D-Bus names and paths loaded from config files
Browse files Browse the repository at this point in the history
  • Loading branch information
@monich
monich committed Jul 28, 2019
1 parent db8cba5 commit 8add4b4
Show file tree
Hide file tree
Showing 6 changed files with 110 additions and 49 deletions.
41 changes: 30 additions & 11 deletions plugins/dbus_handlers/dbus_handlers_config.c
View file
Expand Up @@ -352,28 +352,47 @@ dbus_handlers_config_parse_dbus(
char* service = dbus_handlers_config_get_string(file, group,
config_key_service);

if (service) {
if (service && g_dbus_is_name(service)) {
char* iface_method = dbus_handlers_config_get_string(file, group,
config_key_method);

if (iface_method) {
char* dot = strrchr(iface_method, '.');

if (dot) {
char* path = dbus_handlers_config_get_string(file, group,
config_key_path);

config->service = service;
config->path = path ? path : g_strdup(config_default_path);
config->iface = iface_method;
dot[0] = 0;
config->method = dot + 1;
return TRUE;
const char* method = dot + 1;

if (!g_dbus_is_member_name(method)) {
GWARN("Not a valid method name: \"%s\"", method);
} else {
dot[0] = 0;
if (!g_dbus_is_interface_name(iface_method)) {
GWARN("Not a valid interface name: \"%s\"",
iface_method);
} else {
char* path = dbus_handlers_config_get_string(file,
group, config_key_path);

if (path && !g_variant_is_object_path(path)) {
GWARN("Not a valid path name: \"%s\"", path);
} else {
config->service = service;
config->path = path ? path :
g_strdup(config_default_path);
config->iface = iface_method;
config->method = method;
return TRUE;
}
g_free(path);
}
}
}
g_free(iface_method);
}
g_free(service);
} else if (service) {
GWARN("Not a valid service name: \"%s\"", service);
}
g_free(service);
return FALSE;
}

Expand Down
82 changes: 62 additions & 20 deletions unit/plugins_dbus_handlers_config/test_plugins_dbus_handlers_config.c
View file
Expand Up @@ -14,8 +14,8 @@
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the names of the copyright holders nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
Expand Down Expand Up @@ -132,26 +132,47 @@ test_parse_handler(
const char* group = "test";
DBusHandlerConfig* config;

/* No config at all */
g_assert(!dbus_handlers_new_handler_config(k, group));
g_key_file_set_string(k, group, "Service", "Foo");

/* Invalid D-Bus name */
g_key_file_set_string(k, group, "Service", "foo,bar");
g_assert(!dbus_handlers_new_handler_config(k, group));

/* Missing interface name */
g_key_file_set_string(k, group, "Service", "foo.service");
g_assert(!dbus_handlers_new_handler_config(k, group));

g_key_file_set_string(k, group, "Method", "Bar");
g_assert(!dbus_handlers_new_handler_config(k, group));

/* Invalid interface name */
g_key_file_set_string(k, group, "Method", "foo.Bar");
g_assert(!dbus_handlers_new_handler_config(k, group));

/* Invalid method name */
g_key_file_set_string(k, group, "Method", "foo.interface.1");
g_assert(!dbus_handlers_new_handler_config(k, group));

g_key_file_set_string(k, group, "Method", "foo.interface.Bar");
config = dbus_handlers_new_handler_config(k, group);
g_assert(config);
g_assert(!g_strcmp0(config->dbus.service, "Foo"));
g_assert(!g_strcmp0(config->dbus.iface, "foo"));

g_assert(!g_strcmp0(config->dbus.service, "foo.service"));
g_assert(!g_strcmp0(config->dbus.iface, "foo.interface"));
g_assert(!g_strcmp0(config->dbus.method, "Bar"));
g_assert(!g_strcmp0(config->dbus.path, "/"));
dbus_handlers_free_handler_config(config);

/* Invalid path */
g_key_file_set_string(k, group, "Path", "//");
g_assert(!dbus_handlers_new_handler_config(k, group));

g_key_file_set_string(k, group, "Path", "/foo");
config = dbus_handlers_new_handler_config(k, group);
g_assert(config);
g_assert(!g_strcmp0(config->dbus.service, "Foo"));
g_assert(!g_strcmp0(config->dbus.iface, "foo"));
g_assert(!g_strcmp0(config->dbus.service, "foo.service"));
g_assert(!g_strcmp0(config->dbus.iface, "foo.interface"));
g_assert(!g_strcmp0(config->dbus.method, "Bar"));
g_assert(!g_strcmp0(config->dbus.path, "/foo"));
dbus_handlers_free_handler_config(config);
Expand All @@ -172,26 +193,47 @@ test_parse_listener(
const char* group = "test";
DBusListenerConfig* config;

/* No config at all */
g_assert(!dbus_handlers_new_listener_config(k, group));
g_key_file_set_string(k, group, "Service", "Foo");

/* Invalid D-Bus name */
g_key_file_set_string(k, group, "Service", "foo,bar");
g_assert(!dbus_handlers_new_listener_config(k, group));

/* Missing interface name */
g_key_file_set_string(k, group, "Service", "foo.service");
g_assert(!dbus_handlers_new_listener_config(k, group));

g_key_file_set_string(k, group, "Method", "Bar");
g_assert(!dbus_handlers_new_listener_config(k, group));

/* Invalid interface name */
g_key_file_set_string(k, group, "Method", "foo.Bar");
g_assert(!dbus_handlers_new_listener_config(k, group));

/* Invalid method name */
g_key_file_set_string(k, group, "Method", "foo.interface.1");
g_assert(!dbus_handlers_new_listener_config(k, group));

g_key_file_set_string(k, group, "Method", "foo.interface.Bar");
config = dbus_handlers_new_listener_config(k, group);
g_assert(config);
g_assert(!g_strcmp0(config->dbus.service, "Foo"));
g_assert(!g_strcmp0(config->dbus.iface, "foo"));

g_assert(!g_strcmp0(config->dbus.service, "foo.service"));
g_assert(!g_strcmp0(config->dbus.iface, "foo.interface"));
g_assert(!g_strcmp0(config->dbus.method, "Bar"));
g_assert(!g_strcmp0(config->dbus.path, "/"));
dbus_handlers_free_listener_config(config);

/* Invalid path */
g_key_file_set_string(k, group, "Path", "//");
g_assert(!dbus_handlers_new_listener_config(k, group));

g_key_file_set_string(k, group, "Path", "/foo");
config = dbus_handlers_new_listener_config(k, group);
g_assert(config);
g_assert(!g_strcmp0(config->dbus.service, "Foo"));
g_assert(!g_strcmp0(config->dbus.iface, "foo"));
g_assert(!g_strcmp0(config->dbus.service, "foo.service"));
g_assert(!g_strcmp0(config->dbus.iface, "foo.interface"));
g_assert(!g_strcmp0(config->dbus.method, "Bar"));
g_assert(!g_strcmp0(config->dbus.path, "/foo"));
dbus_handlers_free_listener_config(config);
Expand Down Expand Up @@ -250,12 +292,12 @@ test_load_handlers(
const char* contents1 =
"[Handler]\n"
"Service = foo.bar1\n"
"Method = foo.Handle1\n";
"Method = foo.bar1.Handle1\n";
const char* contents2 =
"[Handler]\n"
"Path = /foo\n"
"Service = foo.bar2\n"
"Method = foo.Handle2\n";
"Method = foo.bar2.Handle2\n";
const char* contents_unused =
"[Handler]\n"
"Service = foooooo.barrrrrr\n"
Expand Down Expand Up @@ -309,12 +351,12 @@ test_load_listeners(
const char* contents1 =
"[Listener]\n"
"Service = foo.bar1\n"
"Method = foo.Handle1\n";
"Method = foo.bar1.Handle1\n";
const char* contents2 =
"[Listener]\n"
"Path = /foo\n"
"Service = foo.bar2\n"
"Method = foo.Handle2\n";
"Method = foo.bar2.Handle2\n";
const char* contents_unused =
"[Listenerrrrr]\n"
"Service = foooooo.barrrrrr\n"
Expand Down Expand Up @@ -364,25 +406,25 @@ test_multiple_ndefs(
"[URI-Handler]\n"
"Path = /h1\n"
"Service = h1.s\n"
"Method = h1.m\n"
"Method = h1.i.m\n"
"\n"
"[MediaType-Handler]\n"
"MediaType = text/*\n"
"Path = /h2\n"
"Service = h2.s\n"
"Method = h2.m\n",
"Method = h2.i.m\n",

/* test1.conf */
"[MediaType-Handler]\n"
"MediaType = text/plain\n"
"Path = /h3\n"
"Service = h3.s\n"
"Method = h4.m\n"
"Method = h4.i.m\n"
"\n"
"[Handler]\n"
"Path = /h4\n"
"Service = h4.s\n"
"Method = h4.m\n"
"Method = h4.i.m\n"
};
guint i;
NfcNdefRec* rec;
Expand Down
4 changes: 2 additions & 2 deletions unit/plugins_dbus_handlers_type_generic/test_plugins_dbus_handlers_type_generic.c
View file
Expand Up @@ -59,12 +59,12 @@ test_basic(
"[Handler]\n"
"Path = /h1\n"
"Service = h1.s\n"
"Method = h1.m\n"
"Method = h1.i.m\n"
"\n"
"[Listener]\n"
"Path = /l1\n"
"Service = l1.s\n"
"Method = l1.m\n";
"Method = l1.i.m\n";

GDEBUG("created %s", dir);
g_assert(g_file_set_contents(fname1, contents1, -1, NULL));
Expand Down
12 changes: 6 additions & 6 deletions unit/plugins_dbus_handlers_type_mediatype/test_plugins_dbus_handlers_type_mediatype.c
View file
Expand Up @@ -181,42 +181,42 @@ test_basic(
"MediaType = */*\n"
"Path = /h1\n"
"Service = h1.s\n"
"Method = h1.m\n",
"Method = h1.i.m\n",

/* test1.conf */
"[MediaType-Handler]\n"
"MediaType = text/plain\n"
"Path = /h2\n"
"Service = h2.s\n"
"Method = h2.m\n",
"Method = h2.i.m\n",

/* test2.conf */
"[MediaType-Listener]\n"
"MediaType = text/*\n"
"Path = /l1\n"
"Service = l1.s\n"
"Method = l1.m\n",
"Method = l1.i.m\n",

/* test3.conf */
"[MediaType-Listener]\n"
"MediaType = text/plain\n"
"Path = /l2\n"
"Service = l2.s\n"
"Method = l2.m\n",
"Method = l2.i.m\n",

/* test4.conf */
"[MediaType-Listener]\n"
"MediaType = image/jpeg\n"
"Path = /l3\n"
"Service = l3.s\n"
"Method = l3.m\n",
"Method = l3.i.m\n",

/* test5.conf */
"[MediaType-Handler]\n"
"MediaType = text/*\n"
"Path = /h3\n"
"Service = h3.s\n"
"Method = h3.m\n"
"Method = h3.i.m\n"
};
guint i;
GVariant* args;
Expand Down
8 changes: 4 additions & 4 deletions unit/plugins_dbus_handlers_type_text/test_plugins_dbus_handlers_type_text.c
View file
Expand Up @@ -64,12 +64,12 @@ test_basic(
"[Text-Handler]\n"
"Path = /h1\n"
"Service = h1.s\n"
"Method = h1.m\n"
"Method = h1.i.m\n"
"\n"
"[Text-Listener]\n"
"Path = /l1\n"
"Service = l1.s\n"
"Method = l1.m\n";
"Method = l1.i.m\n";
GVariant* args;
DBusHandlersConfig* handlers;
char* dir = g_dir_make_tmp("test_XXXXXX", NULL);
Expand Down Expand Up @@ -143,12 +143,12 @@ test_language(
"[Text-Handler]\n"
"Path = /h1\n"
"Service = h1.s\n"
"Method = h1.m\n"
"Method = h1.i.m\n"
"\n"
"[Text-Listener]\n"
"Path = /l1\n"
"Service = l1.s\n"
"Method = l1.m\n",
"Method = l1.i.m\n",
};
guint i;
const TestLanguageData* test = test_data;
Expand Down
12 changes: 6 additions & 6 deletions unit/plugins_dbus_handlers_type_uri/test_plugins_dbus_handlers_type_uri.c
View file
Expand Up @@ -53,37 +53,37 @@ test_basic(
"URI = http://*\n"
"Path = /h1\n"
"Service = h1.s\n"
"Method = h1.m\n"
"Method = h1.i.m\n"
"\n"
"[URI-Listener]\n"
"URI = http://*\n"
"Path = /l1\n"
"Service = l1.s\n"
"Method = l1.m\n",
"Method = l1.i.m\n",

/* test1.conf */
"[URI-Handler]\n"
"URI = https://*\n"
"Path = /h2\n"
"Service = h2.s\n"
"Method = h2.m\n"
"Method = h2.i.m\n"
"\n"
"[URI-Listener]\n"
"URI = https://*\n"
"Path = /l2\n"
"Service = l2.s\n"
"Method = l2.m\n",
"Method = l2.i.m\n",

/* test2.conf */
"[URI-Handler]\n"
"Path = /h3\n"
"Service = h3.s\n"
"Method = h3.m\n"
"Method = h3.i.m\n"
"\n"
"[URI-Listener]\n"
"Path = /l3\n"
"Service = l3.s\n"
"Method = l3.m\n"
"Method = l3.i.m\n"
};
guint i;
GVariant* args;
Expand Down

0 comments on commit 8add4b4

Please sign in to comment.