This is one of the patches from Maemo's dbus package. It seems to do all
of:
* fix some documentation
* remove unreached code to delete/free the nonce file from
_dbus_server_new_for_socket - doing that on failure violates
least-astonishment anyway
* in _dbus_server_new_for_tcp_socket, never fail without setting @error
* if we fail after creating the nonce file, delete it
* if we fail after allocating the nonce file struct, free it
Origin: vendor, Maemo
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=33128 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Mon, 17 Jan 2011 18:40:15 +0000 (18:40 +0000)]
Make _dbus_directory_get_next_file use readdir, not readdir_r
This isn't thread-safe or reentrant, but it turns out we don't need
either of those properties, and readdir_r is a real pain to use correctly,
particularly in the presence of FUSE filesystems that might implement
statfs() wrong.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=8284
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=15922 Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
Simon McVittie [Wed, 12 Jan 2011 12:14:49 +0000 (12:14 +0000)]
_dbus_loop_iterate: if the kernel says a fd is bad, stop watching it
Again, this shouldn't happen - modules are responsible for cleaning up
their watches - but the failure mode here is really bad: if we leave an
invalid fd in the set, every poll() call will instantly return, marking
it as POLLNVAL. The result is that dbus-daemon busy-loops on poll()
without responding to I/O, so the bad watch will probably never be
cleared up.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=32992
Bug-NB: NB#200248 Reviewed-by: Colin Walters <walters@verbum.org>
Simon McVittie [Wed, 12 Jan 2011 11:58:31 +0000 (11:58 +0000)]
_dbus_loop_iterate: if a watch has been invalidated, skip it
This shouldn't happen - other modules are responsible for cleaning up
their watches - but the bug fixed in my last commit has been present for
several years and I'm sure it's not the only one, so for robustness,
let's refuse to watch obviously-wrong file descriptors.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=32992
Bug-NB: NB#200248 Reviewed-by: Colin Walters <walters@verbum.org>
Simon McVittie [Tue, 11 Jan 2011 19:57:31 +0000 (19:57 +0000)]
dbus-spawn: don't leave bad file descriptors being watched
The code called from handle_watch() might close either or both of the
sockets we're watching, without cleaning up the DBusWatch. This results
in invalid file descriptors being passed to _dbus_poll(), which could
end up busy-looping on a POLLNVAL condition until the babysitter loses
its last ref (which automatically clears up both watches).
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=32992
Bug-NB: NB#200248 Reviewed-by: Colin Walters <walters@verbum.org>
Simon McVittie [Thu, 20 Jan 2011 13:41:58 +0000 (13:41 +0000)]
test-privserver-client: wait for server to die between iterations
This fixes a race condition: the server exits while the client continues
to the next iteration. If the server wins, the test passes. If the client
wins, it sends a message to the dying service, never gets a reply, and the
test fails.
My branch to refactor the main loop for fd.o #23194 seems to make the
client more likely to win this race, resulting in intermittent test
failures.
This is an instance of the general problem described by fd.o #11454.
Simon McVittie [Wed, 19 Jan 2011 17:33:31 +0000 (17:33 +0000)]
test_server_setup: allocate two server-data blobs, for watches and timeouts
This is similar to how ConnectionData works. Without this change, we
deserve to segfault: when the first set of callbacks (either watches or
timeouts) is cleaned up, we unref the server and loop, and free sd;
when the second set of callbacks is cleaned up, we use-after-free sd,
the server and the loop, then double-free sd.
However, due to fd.o #33277 we don't even get that far, because we've
already died with an assertion failure.
Will Thompson [Fri, 24 Dec 2010 14:40:49 +0000 (14:40 +0000)]
connection: correct HAVE_DECL_MSG_NOSIGNAL guard
Helpfully, AC_CHECK_DECLS (which configure.in uses to define
HAVE_DECL_MSG_NOSIGNAL) behaves differently to every similar AC_CHECK_*
macro and, rather than producing #undef HAVE_DECL_MSG_NOSIGNAL if the
given symbol is not found, instead produces #define
HAVE_DECL_MSG_NOSIGNAL 0.
Mike McQuaid's patch fixes the uses of this constant in sysdeps-unix;
with this patch, all code is guarded consistently and correctly.
Christian Dywan [Tue, 4 Jan 2011 19:36:43 +0000 (19:36 +0000)]
Fix error condition in _dbus_pipe_close
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=32264 Reviewed-by: Colin Walters <walters@verbum.org> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Havoc Pennington [Mon, 13 Dec 2010 02:08:43 +0000 (21:08 -0500)]
CVE 2010-4352: Reject deeply nested variants
Add DBUS_INVALID_NESTED_TOO_DEEPLY validity problem and a test that
should generate it.
Previously, we rejected deep nesting in the signature, but
variants allow dynamic message nesting, conditional only
on the depth of the message body.
The nesting limit is 64, which was also the limit in static
signatures. Empirically, dynamic nesting depth observed on my
Fedora 14 system doesn't exceed 2; 64 is really a huge limit.
Will Thompson [Thu, 16 Dec 2010 13:56:04 +0000 (13:56 +0000)]
sysdeps-unix: check for HAVE_DECL_MSG_NOSIGNAL
MSG_NOSIGNAL could theoretically be an enum member or something rather
than an #define, so it's better to check for the flag defined by the
configure check (as is done in dbus-connection.c already).
Reviewed-by: Colin Walters <walters@verbum.org> Reviewed-by: Scott James Remnant <scott@netsplit.com>
Will Thompson [Mon, 13 Dec 2010 17:54:57 +0000 (17:54 +0000)]
Revert "test-autolaunch is only known to work in launchd environments."
This reverts commit 4626b405609900812125a407ef5fdd31c7b89868.
test-autolaunch works fine in non-launchd environments (and non-X11
environments, based on a quick test passing enable_x11=no to configure).
On the contrary: this commit *broke* the build on non-launchd
environments, because test/name-test/run-test.sh still tried to run this
test even if it hadn't been built.
Will Thompson [Mon, 13 Dec 2010 17:22:00 +0000 (17:22 +0000)]
policy tests: Use 'nogroup' rather than 'wheel' or 'root'
The excellently-titled commit 197bef8 “Fix test failures on OSX.” broke
the tests on Linux, since there's no wheel group on this side of the
tracks. So here's a group everyone should enjoy.
(If anyone comes along and tells me that DragonflyBSD doesn't have
'nogroup' …)
Benjamin Reed [Sun, 19 Jul 2009 15:45:34 +0000 (11:45 -0400)]
Enable launchd.
This patch enables support for Mac OS X's launch daemon
for startup as well as sharing of the DBus session bus
environment. It includes a LaunchAgent plist for automatic
start of the session bus.
Colin Walters [Wed, 11 Jun 2008 22:01:16 +0000 (18:01 -0400)]
Added a test-autolaunch.
* test/name-test/test-autolaunch.c: New file,
unsets DBUS_SESSION_BUS_ADDRESS so we should
fall back to autolaunch:.
* test/name-test/run-test.sh: Run it.
* test/name-test/Makefile.am: Build it.
Will Thompson [Thu, 9 Jul 2009 20:33:24 +0000 (21:33 +0100)]
Supporting matching argument 0 as a namespace
Rather like "arg0path='/foo/'" matching all object paths starting with
"/foo/", this adds support for matching a prefix of a string argument
with "arg0namespace='org.freedesktop.Telepathy.Client.'" (for example).
This is mostly intended for use with NameOwnerChanged and
PropertiesChanged; thus, only matching the 0th argument is permitted.
(This also means it could work with the multicast-plus-socket-filters
model being considered for DBus-in-the-kernel without having to hash
every period-separated prefix of every string argument.)
Ralf Habacker [Fri, 29 Oct 2010 09:46:33 +0000 (11:46 +0200)]
Service dir related bug fix on windows.
The code for accessing services requires absolute pathes, which are based
on DBUS_DATADIR. DBUS_DATADIR on windows is defined relative. This patch
makes sure that those pathes are absolute.
projects / thirdparty / dbus.git / log
