summaryrefslogtreecommitdiff
path: root/src/lib/eldbus
diff options
context:
space:
mode:
authorShinwoo Kim <cinoo.kim@samsung.com>2017-07-31 15:50:48 +0900
committerCarsten Haitzler (Rasterman) <raster@rasterman.com>2017-07-31 15:53:58 +0900
commita238272f0067f3664dfc0178baecea57a234b15c (patch)
treeba760ed7314c275ce7332a96bde4b1927fb11f0c /src/lib/eldbus
parentca625aa323fcf3c40a660cf693fd30d1d737f13a (diff)
eldbus: check message serial before using
Summary: Whatever the dbus_connection_send_with_reply returns, the serial value should be checked, because if the seral value is invalid a process could be aborted. There is backtrace as below. The dbus_connection_send_with_reply could return TRUE even though it has a problem. Please refer to following comment: /* Refuse to send fds on a connection that cannot handle them. Unfortunately we cannot return a proper error here, so the best we can do is return TRUE but leave *pending_return as NULL. */ Test Plan: There is not a exact reproduce step. If the Tizen login manager is relaunched repeatedly, then the dbus and other service processes are relaunched. If a service process tries to use dbus when the dbus has problem as above, then it could be possilbe to get above backtrace. Reviewers: raster, zehortigoza Subscribers: cedric, jpeg Differential Revision: https://phab.enlightenment.org/D5053 @fix
Diffstat (limited to 'src/lib/eldbus')
-rw-r--r--src/lib/eldbus/eldbus_pending.c28
1 files changed, 21 insertions, 7 deletions
diff --git a/src/lib/eldbus/eldbus_pending.c b/src/lib/eldbus/eldbus_pending.c
index 69ea322fc7..ecf65db100 100644
--- a/src/lib/eldbus/eldbus_pending.c
+++ b/src/lib/eldbus/eldbus_pending.c
@@ -113,6 +113,20 @@ eldbus_connection_send(Eldbus_Connection *conn, Eldbus_Message *msg, Eldbus_Mess
113 return pending; 113 return pending;
114} 114}
115 115
116Eldbus_Message *
117_eldbus_message_error_get(const Eldbus_Message *msg, const char *error_name, const char *error_msg)
118{
119 int32_t serial;
120
121 serial = dbus_message_get_serial(msg->dbus_msg);
122 if (serial == 0)
123 {
124 return NULL;
125 }
126
127 return eldbus_message_error_new(msg, error_name, error_msg);
128}
129
116/* 130/*
117 * On success @param msg is unref'd or its ref is stolen by the returned 131 * On success @param msg is unref'd or its ref is stolen by the returned
118 * Eldbus_Pending. 132 * Eldbus_Pending.
@@ -152,15 +166,15 @@ _eldbus_connection_send(Eldbus_Connection *conn, Eldbus_Message *msg, Eldbus_Mes
152 msg->dbus_msg, 166 msg->dbus_msg,
153 &pending->dbus_pending, timeout)) 167 &pending->dbus_pending, timeout))
154 { 168 {
155 error_msg = eldbus_message_error_new(msg, "org.enlightenment.DBus.NoConnection", 169 error_msg = _eldbus_message_error_get(msg, "org.enlightenment.DBus.NoConnection",
156 "Eldbus_Connection was closed."); 170 "Eldbus_Connection was closed.");
157 eldbus_pending_dispatch(pending, error_msg); 171 eldbus_pending_dispatch(pending, error_msg);
158 return NULL; 172 return NULL;
159 } 173 }
160 if (!pending->dbus_pending) 174 if (!pending->dbus_pending)
161 { 175 {
162 error_msg = eldbus_message_error_new(msg, "org.enlightenment.DBus.Error", 176 error_msg = _eldbus_message_error_get(msg, "org.enlightenment.DBus.Error",
163 "dbus_pending is NULL."); 177 "dbus_pending is NULL.");
164 eldbus_pending_dispatch(pending, error_msg); 178 eldbus_pending_dispatch(pending, error_msg);
165 return NULL; 179 return NULL;
166 } 180 }
@@ -168,9 +182,9 @@ _eldbus_connection_send(Eldbus_Connection *conn, Eldbus_Message *msg, Eldbus_Mes
168 return pending; 182 return pending;
169 183
170 dbus_pending_call_cancel(pending->dbus_pending); 184 dbus_pending_call_cancel(pending->dbus_pending);
171 error_msg = eldbus_message_error_new(pending->msg_sent, 185 error_msg = _eldbus_message_error_get(pending->msg_sent,
172 "org.enlightenment.DBus.Error", 186 "org.enlightenment.DBus.Error",
173 "Error when try set callback to message."); 187 "Error when try set callback to message.");
174 eldbus_pending_dispatch(pending, error_msg); 188 eldbus_pending_dispatch(pending, error_msg);
175 return NULL; 189 return NULL;
176} 190}