From: Simon McVittie Date: Fri, 24 Feb 2012 12:43:55 +0000 (+0000) Subject: Add dbus-syntax.[ch] X-Git-Tag: dbus-1.5.12~12 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f426c6cddd158d6324923f28117bc8e512d6f64f;p=thirdparty%2Fdbus.git Add dbus-syntax.[ch] Bug: https://bugs.freedesktop.org/show_bug.cgi?id=39549 Signed-off-by: Simon McVittie Reviewed-by: Will Thompson --- diff --git a/cmake/dbus/CMakeLists.txt b/cmake/dbus/CMakeLists.txt index edc203b0e..13d6f87a7 100644 --- a/cmake/dbus/CMakeLists.txt +++ b/cmake/dbus/CMakeLists.txt @@ -21,6 +21,7 @@ set (dbusinclude_HEADERS ${DBUS_DIR}/dbus-server.h ${DBUS_DIR}/dbus-shared.h ${DBUS_DIR}/dbus-signature.h + ${DBUS_DIR}/dbus-syntax.h ${DBUS_DIR}/dbus-threads.h ${DBUS_DIR}/dbus-types.h dbus-arch-deps.h @@ -51,6 +52,7 @@ set (DBUS_LIB_SOURCES ${DBUS_DIR}/dbus-server-debug-pipe.c ${DBUS_DIR}/dbus-sha.c ${DBUS_DIR}/dbus-signature.c + ${DBUS_DIR}/dbus-syntax.c ${DBUS_DIR}/dbus-timeout.c ${DBUS_DIR}/dbus-threads.c ${DBUS_DIR}/dbus-transport.c diff --git a/dbus/Makefile.am b/dbus/Makefile.am index c8d35f75a..bb5cccafb 100644 --- a/dbus/Makefile.am +++ b/dbus/Makefile.am @@ -132,6 +132,7 @@ dbusinclude_HEADERS= \ dbus-server.h \ dbus-shared.h \ dbus-signature.h \ + dbus-syntax.h \ dbus-threads.h \ dbus-types.h @@ -183,6 +184,7 @@ DBUS_LIB_SOURCES= \ dbus-sha.c \ dbus-sha.h \ dbus-signature.c \ + dbus-syntax.c \ dbus-timeout.c \ dbus-timeout.h \ dbus-threads-internal.h \ diff --git a/dbus/dbus-syntax.c b/dbus/dbus-syntax.c new file mode 100644 index 000000000..47922875f --- /dev/null +++ b/dbus/dbus-syntax.c @@ -0,0 +1,309 @@ +/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ +/* dbus-syntax.c - utility functions for strings with special syntax + * + * Author: Simon McVittie + * Copyright © 2011 Nokia Corporation + * + * Licensed under the Academic Free License version 2.1 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * + */ + +#include +#include "dbus-syntax.h" + +#include "dbus-internals.h" +#include "dbus-marshal-validate.h" +#include "dbus-shared.h" + +/** + * @defgroup DBusSyntax Utility functions for strings with special syntax + * @ingroup DBus + * @brief Parsing D-Bus type signatures + * @{ + */ + +/** + * Check an object path for validity. Remember that #NULL can always + * be passed instead of a DBusError *, if you don't care about having + * an error name and message. + * + * This function is suitable for validating C strings, but is not suitable + * for validating untrusted data from a network unless the string's length + * is also checked, since it assumes that the string ends at the first zero + * byte according to normal C conventions. + * + * @param path a potentially invalid object path, which must not be #NULL + * @param error error return + * @returns #TRUE if path is valid + */ +dbus_bool_t +dbus_validate_path (const char *path, + DBusError *error) +{ + DBusString str; + int len; + + _dbus_return_val_if_fail (path != NULL, FALSE); + + _dbus_string_init_const (&str, path); + len = _dbus_string_get_length (&str); + + /* In general, it ought to be valid... */ + if (_DBUS_LIKELY (_dbus_validate_path (&str, 0, len))) + return TRUE; + + /* slow path: string is invalid, find out why */ + + if (!_dbus_string_validate_utf8 (&str, 0, len)) + { + /* don't quote the actual string here, since a DBusError also needs to + * be valid UTF-8 */ + dbus_set_error (error, DBUS_ERROR_INVALID_ARGS, + "Object path was not valid UTF-8"); + return FALSE; + } + + /* FIXME: later, diagnose exactly how it was invalid */ + dbus_set_error (error, DBUS_ERROR_INVALID_ARGS, + "Object path was not valid: '%s'", path); + return FALSE; +} + +/** + * Check an interface name for validity. Remember that #NULL can always + * be passed instead of a DBusError *, if you don't care about having + * an error name and message. + * + * This function is suitable for validating C strings, but is not suitable + * for validating untrusted data from a network unless the string's length + * is also checked, since it assumes that the string ends at the first zero + * byte according to normal C conventions. + * + * @param path a potentially invalid interface name, which must not be #NULL + * @param error error return + * @returns #TRUE if name is valid + */ +dbus_bool_t +dbus_validate_interface (const char *name, + DBusError *error) +{ + DBusString str; + int len; + + _dbus_return_val_if_fail (name != NULL, FALSE); + + _dbus_string_init_const (&str, name); + len = _dbus_string_get_length (&str); + + /* In general, it ought to be valid... */ + if (_DBUS_LIKELY (_dbus_validate_interface (&str, 0, len))) + return TRUE; + + /* slow path: string is invalid, find out why */ + + if (!_dbus_string_validate_utf8 (&str, 0, len)) + { + /* don't quote the actual string here, since a DBusError also needs to + * be valid UTF-8 */ + dbus_set_error (error, DBUS_ERROR_INVALID_ARGS, + "Interface name was not valid UTF-8"); + return FALSE; + } + + /* FIXME: later, diagnose exactly how it was invalid */ + dbus_set_error (error, DBUS_ERROR_INVALID_ARGS, + "Interface name was not valid: '%s'", name); + return FALSE; +} + +/** + * Check a member (method/signal) name for validity. Remember that #NULL + * can always be passed instead of a DBusError *, if you don't care about + * having an error name and message. + * + * This function is suitable for validating C strings, but is not suitable + * for validating untrusted data from a network unless the string's length + * is also checked, since it assumes that the string ends at the first zero + * byte according to normal C conventions. + * + * @param path a potentially invalid member name, which must not be #NULL + * @param error error return + * @returns #TRUE if name is valid + */ +dbus_bool_t +dbus_validate_member (const char *name, + DBusError *error) +{ + DBusString str; + int len; + + _dbus_return_val_if_fail (name != NULL, FALSE); + + _dbus_string_init_const (&str, name); + len = _dbus_string_get_length (&str); + + /* In general, it ought to be valid... */ + if (_DBUS_LIKELY (_dbus_validate_member (&str, 0, len))) + return TRUE; + + /* slow path: string is invalid, find out why */ + + if (!_dbus_string_validate_utf8 (&str, 0, len)) + { + /* don't quote the actual string here, since a DBusError also needs to + * be valid UTF-8 */ + dbus_set_error (error, DBUS_ERROR_INVALID_ARGS, + "Member name was not valid UTF-8"); + return FALSE; + } + + /* FIXME: later, diagnose exactly how it was invalid */ + dbus_set_error (error, DBUS_ERROR_INVALID_ARGS, + "Member name was not valid: '%s'", name); + return FALSE; +} + +/** + * Check an error name for validity. Remember that #NULL + * can always be passed instead of a DBusError *, if you don't care about + * having an error name and message. + * + * This function is suitable for validating C strings, but is not suitable + * for validating untrusted data from a network unless the string's length + * is also checked, since it assumes that the string ends at the first zero + * byte according to normal C conventions. + * + * @param path a potentially invalid error name, which must not be #NULL + * @param error error return + * @returns #TRUE if name is valid + */ +dbus_bool_t +dbus_validate_error_name (const char *name, + DBusError *error) +{ + DBusString str; + int len; + + _dbus_return_val_if_fail (name != NULL, FALSE); + + _dbus_string_init_const (&str, name); + len = _dbus_string_get_length (&str); + + /* In general, it ought to be valid... */ + if (_DBUS_LIKELY (_dbus_validate_error_name (&str, 0, len))) + return TRUE; + + /* slow path: string is invalid, find out why */ + + if (!_dbus_string_validate_utf8 (&str, 0, len)) + { + /* don't quote the actual string here, since a DBusError also needs to + * be valid UTF-8 */ + dbus_set_error (error, DBUS_ERROR_INVALID_ARGS, + "Error name was not valid UTF-8"); + return FALSE; + } + + /* FIXME: later, diagnose exactly how it was invalid */ + dbus_set_error (error, DBUS_ERROR_INVALID_ARGS, + "Error name was not valid: '%s'", name); + return FALSE; +} + +/** + * Check a bus name for validity. Remember that #NULL + * can always be passed instead of a DBusError *, if you don't care about + * having an error name and message. + * + * This function is suitable for validating C strings, but is not suitable + * for validating untrusted data from a network unless the string's length + * is also checked, since it assumes that the string ends at the first zero + * byte according to normal C conventions. + * + * @param path a potentially invalid bus name, which must not be #NULL + * @param error error return + * @returns #TRUE if name is valid + */ +dbus_bool_t +dbus_validate_bus_name (const char *name, + DBusError *error) +{ + DBusString str; + int len; + + _dbus_return_val_if_fail (name != NULL, FALSE); + + _dbus_string_init_const (&str, name); + len = _dbus_string_get_length (&str); + + /* In general, it ought to be valid... */ + if (_DBUS_LIKELY (_dbus_validate_bus_name (&str, 0, len))) + return TRUE; + + /* slow path: string is invalid, find out why */ + + if (!_dbus_string_validate_utf8 (&str, 0, len)) + { + /* don't quote the actual string here, since a DBusError also needs to + * be valid UTF-8 */ + dbus_set_error (error, DBUS_ERROR_INVALID_ARGS, + "Bus name was not valid UTF-8"); + return FALSE; + } + + /* FIXME: later, diagnose exactly how it was invalid */ + dbus_set_error (error, DBUS_ERROR_INVALID_ARGS, + "Bus name was not valid: '%s'", name); + return FALSE; +} + +/** + * Check a string for validity. Strings on D-Bus must be valid UTF-8. + * Remember that #NULL can always be passed instead of a DBusError *, + * if you don't care about having an error name and message. + * + * This function is suitable for validating C strings, but is not suitable + * for validating untrusted data from a network unless the string's length + * is also checked, since it assumes that the string ends at the first zero + * byte according to normal C conventions. + * + * @param alleged_utf8 a string to be checked, which must not be #NULL + * @param error error return + * @returns #TRUE if alleged_utf8 is valid UTF-8 + */ +dbus_bool_t +dbus_validate_utf8 (const char *alleged_utf8, + DBusError *error) +{ + DBusString str; + + _dbus_return_val_if_fail (alleged_utf8 != NULL, FALSE); + + _dbus_string_init_const (&str, alleged_utf8); + + if (_DBUS_LIKELY (_dbus_string_validate_utf8 (&str, 0, + _dbus_string_get_length (&str)))) + return TRUE; + + /* don't quote the actual string here, since a DBusError also needs to + * be valid UTF-8 */ + dbus_set_error (error, DBUS_ERROR_INVALID_ARGS, + "String was not valid UTF-8"); + return FALSE; +} + +/** @} */ /* end of group */ diff --git a/dbus/dbus-syntax.h b/dbus/dbus-syntax.h new file mode 100644 index 000000000..daf20f06e --- /dev/null +++ b/dbus/dbus-syntax.h @@ -0,0 +1,58 @@ +/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ +/* dbus-syntax.h - utility functions for strings with special syntax + * + * Author: Simon McVittie + * Copyright © 2011 Nokia Corporation + * + * Licensed under the Academic Free License version 2.1 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + * + */ +#if !defined (DBUS_INSIDE_DBUS_H) && !defined (DBUS_COMPILATION) +#error "Only can be included directly, this file may disappear or change contents." +#endif + +#ifndef DBUS_SYNTAX_H +#define DBUS_SYNTAX_H + +#include +#include +#include + +DBUS_BEGIN_DECLS + +DBUS_EXPORT +dbus_bool_t dbus_validate_path (const char *path, + DBusError *error); +DBUS_EXPORT +dbus_bool_t dbus_validate_interface (const char *name, + DBusError *error); +DBUS_EXPORT +dbus_bool_t dbus_validate_member (const char *name, + DBusError *error); +DBUS_EXPORT +dbus_bool_t dbus_validate_error_name (const char *name, + DBusError *error); +DBUS_EXPORT +dbus_bool_t dbus_validate_bus_name (const char *name, + DBusError *error); +DBUS_EXPORT +dbus_bool_t dbus_validate_utf8 (const char *alleged_utf8, + DBusError *error); + +DBUS_END_DECLS + +#endif /* multiple-inclusion guard */ diff --git a/dbus/dbus.h b/dbus/dbus.h index 1f0995081..932ceab38 100644 --- a/dbus/dbus.h +++ b/dbus/dbus.h @@ -39,6 +39,7 @@ #include #include #include +#include #include #include