From a2dd991d0fde59dc0574bd4d0c1438f01dc0b8ff Mon Sep 17 00:00:00 2001 From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 20 May 2020 09:25:11 +0200 Subject: [PATCH] bus-message: immediately reject messages with invalid type For whatever reason, we were very permissive with accepting messages of unknown type. Let's just reject any unknown types as early as possible. --- src/libsystemd/sd-bus/bus-message.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c index 0b6ea996ec2..97b732ae425 100644 --- a/src/libsystemd/sd-bus/bus-message.c +++ b/src/libsystemd/sd-bus/bus-message.c @@ -451,7 +451,7 @@ int bus_message_from_header( if (!IN_SET(h->version, 1, 2)) return -EBADMSG; - if (h->type == _SD_BUS_MESSAGE_TYPE_INVALID) + if (h->type <= _SD_BUS_MESSAGE_TYPE_INVALID || h->type >= _SD_BUS_MESSAGE_TYPE_MAX) return -EBADMSG; if (!IN_SET(h->endian, BUS_LITTLE_ENDIAN, BUS_BIG_ENDIAN)) @@ -589,7 +589,7 @@ _public_ int sd_bus_message_new( assert_return(bus = bus_resolve(bus), -ENOPKG); assert_return(bus->state != BUS_UNSET, -ENOTCONN); assert_return(m, -EINVAL); - assert_return(type < _SD_BUS_MESSAGE_TYPE_MAX, -EINVAL); + assert_return(type > _SD_BUS_MESSAGE_TYPE_INVALID && type < _SD_BUS_MESSAGE_TYPE_MAX, -EINVAL); sd_bus_message *t = malloc0(ALIGN(sizeof(sd_bus_message)) + sizeof(struct bus_header)); if (!t) @@ -5497,6 +5497,9 @@ int bus_message_parse_fields(sd_bus_message *m) { if (m->reply_cookie == 0 || !m->error.name) return -EBADMSG; break; + + default: + assert_not_reached("Bad message type"); } /* Refuse non-local messages that claim they are local */ -- 2.47.3