From: Simon McVittie Date: Mon, 21 Jun 2021 11:04:05 +0000 (+0100) Subject: dbus-send: Validate interface, member names before use X-Git-Tag: dbus-1.13.20~39^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a42a07a1fb8afe559e1f2dcc636c8d2a81e44f89;p=thirdparty%2Fdbus.git dbus-send: Validate interface, member names before use Instead of a failed check or assertion failure and a core dump, let's produce an error message on stderr and a graceful nonzero exit status. It's still not going to *work*, but at least we can avoid crashing. $ dbus-send / com.example.Nope..Nope Interface name was not valid: 'com.example.Nope.' $ dbus-send / com.example.Nope.0 Invalid signal name: Member name was not valid: '0' Resolves: dbus#338 Signed-off-by: Simon McVittie --- diff --git a/tools/dbus-send.c b/tools/dbus-send.c index b6b2d6757..65f9854ee 100644 --- a/tools/dbus-send.c +++ b/tools/dbus-send.c @@ -488,7 +488,23 @@ main (int argc, char *argv[]) exit (1); } *last_dot = '\0'; - + + if (!dbus_validate_interface (name, &error)) + { + /* Typically this is "Interface name was not valid: \"xxx\"" + * so we don't need to prefix anything special */ + fprintf (stderr, "%s\n", error.message); + dbus_error_free (&error); + exit (1); + } + + if (!dbus_validate_member (last_dot + 1, &error)) + { + fprintf (stderr, "Invalid method name: %s\n", error.message); + dbus_error_free (&error); + exit (1); + } + message = dbus_message_new_method_call (NULL, path, name, @@ -508,7 +524,21 @@ main (int argc, char *argv[]) exit (1); } *last_dot = '\0'; - + + if (!dbus_validate_interface (name, &error)) + { + fprintf (stderr, "%s\n", error.message); + dbus_error_free (&error); + exit (1); + } + + if (!dbus_validate_member (last_dot + 1, &error)) + { + fprintf (stderr, "Invalid signal name: %s\n", error.message); + dbus_error_free (&error); + exit (1); + } + message = dbus_message_new_signal (path, name, last_dot + 1); handle_oom (message != NULL); }