BecomeMonitor: do not overwrite error with another error

If the user gave us a syntactically invalid error name, we'd
overwrite the MatchRuleInvalid error with NoMemory, causing an
assertion failure (crash) in the dbus-daemon.

This is not a denial-of-service vulnerability on the system bus,
because monitoring is a privileged action, and root privilege
is checked before this code is reached. However, it's an annoying
bug on the session bus.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92298
Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>

diff --git a/bus/driver.c b/bus/driver.c
index 379a47ee264803026acd08416df4ebc1fb469ca6..852ac536ddce7d4dc16d56505d1c69946fe91f1d 100644 (file)
--- a/bus/driver.c
+++ b/bus/driver.c
@@ -2006,10 +2006,7 @@ bus_driver_handle_become_monitor (DBusConnection *connection,
       rule = bus_match_rule_parse (connection, &str, error);
 
       if (rule == NULL)
-        {
-          BUS_SET_OOM (error);
-          goto out;
-        }
+        goto out;
 
       /* monitors always eavesdrop */
       bus_match_rule_set_client_is_eavesdropping (rule, TRUE);