From 57722c34c18e4067ebb397120156a673dfe89256 Mon Sep 17 00:00:00 2001
From: Claudio Takahasi <claudio.takahasi@openbossa.org>
Date: Thu, 1 Jun 2006 20:08:50 +0000
Subject: Added wrong signature verification

---
 hcid/dbus-adapter.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 hcid/dbus-manager.c | 25 +++++++++++++++++++++++--
 2 files changed, 77 insertions(+), 2 deletions(-)

diff --git a/hcid/dbus-adapter.c b/hcid/dbus-adapter.c
index d096f565..ace0b32e 100644
--- a/hcid/dbus-adapter.c
+++ b/hcid/dbus-adapter.c
@@ -147,6 +147,9 @@ static DBusHandlerResult handle_dev_get_address_req(DBusConnection *conn, DBusMe
 	const char *paddr = dbus_data->address;
 	DBusMessage *reply;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	reply = dbus_message_new_method_return(msg);
 	if (!reply)
 		return DBUS_HANDLER_RESULT_NEED_MEMORY;
@@ -164,6 +167,9 @@ static DBusHandlerResult handle_dev_get_version_req(DBusConnection *conn, DBusMe
 	char str[20], *str_ptr = str;
 	int err;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	err = get_device_version(dbus_data->dev_id, str, sizeof(str));
 	if (err < 0)
 		return error_failed(conn, msg, -err);
@@ -185,6 +191,9 @@ static DBusHandlerResult handle_dev_get_revision_req(DBusConnection *conn, DBusM
 	char str[64], *str_ptr = str;
 	int err;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	err = get_device_revision(dbus_data->dev_id, str, sizeof(str));
 	if (err < 0)
 		return error_failed(conn, msg, -err);
@@ -206,6 +215,9 @@ static DBusHandlerResult handle_dev_get_manufacturer_req(DBusConnection *conn, D
 	char str[64], *str_ptr = str;
 	int err;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	err = get_device_manufacturer(dbus_data->dev_id, str, sizeof(str));
 	if (err < 0)
 		return error_failed(conn, msg, -err);
@@ -227,6 +239,9 @@ static DBusHandlerResult handle_dev_get_company_req(DBusConnection *conn, DBusMe
 	char str[64], *str_ptr = str;
 	int err;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	err = get_device_company(dbus_data->dev_id, str, sizeof(str));
 	if (err < 0)
 		return error_failed(conn, msg, -err);
@@ -248,6 +263,9 @@ static DBusHandlerResult handle_dev_get_mode_req(DBusConnection *conn, DBusMessa
 	const uint8_t hci_mode = dbus_data->mode;
 	const char *scan_mode;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	switch (hci_mode) {
 	case SCAN_DISABLED:
 		scan_mode = MODE_OFF;
@@ -353,6 +371,9 @@ static DBusHandlerResult handle_dev_get_discoverable_to_req(DBusConnection *conn
 	const struct hci_dbus_data *dbus_data = data;
 	DBusMessage *reply;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	reply = dbus_message_new_method_return(msg);
 	if (!reply)
 		return DBUS_HANDLER_RESULT_NEED_MEMORY;
@@ -407,6 +428,9 @@ static DBusHandlerResult handle_dev_is_connectable_req(DBusConnection *conn, DBu
 	const uint8_t hci_mode = dbus_data->mode;
 	dbus_bool_t connectable = FALSE;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	if (hci_mode & SCAN_PAGE)
 		connectable = TRUE;
 
@@ -427,6 +451,9 @@ static DBusHandlerResult handle_dev_is_discoverable_req(DBusConnection *conn, DB
 	const uint8_t hci_mode = dbus_data->mode;
 	dbus_bool_t discoverable = FALSE;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	if (hci_mode & SCAN_INQUIRY)
 		discoverable = TRUE;
 
@@ -490,6 +517,9 @@ static DBusHandlerResult handle_dev_list_connections_req(DBusConnection *conn, D
 	struct hci_dbus_data *dbus_data = data;
 	struct slist *l = dbus_data->active_conn;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	reply = dbus_message_new_method_return(msg);
 	if (!reply)
 		return DBUS_HANDLER_RESULT_NEED_MEMORY;
@@ -521,6 +551,9 @@ static DBusHandlerResult handle_dev_get_major_class_req(DBusConnection *conn, DB
 	DBusMessage *reply;
 	const char *str_ptr = "computer";
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	reply = dbus_message_new_method_return(msg);
 	if (!reply)
 		return DBUS_HANDLER_RESULT_NEED_MEMORY;
@@ -543,6 +576,9 @@ static DBusHandlerResult handle_dev_list_minor_classes_req(DBusConnection *conn,
 	uint8_t major_class;
 	int dd, size, i;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	dd = hci_open_dev(dbus_data->dev_id);
 	if (dd < 0)
 		return error_no_such_adapter(conn, msg);
@@ -595,6 +631,9 @@ static DBusHandlerResult handle_dev_get_minor_class_req(DBusConnection *conn, DB
 	uint8_t minor_class;
 	int dd;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	dd = hci_open_dev(dbus_data->dev_id);
 	if (dd < 0)
 		return error_no_such_adapter(conn, msg);
@@ -724,6 +763,9 @@ static DBusHandlerResult handle_dev_get_service_classes_req(DBusConnection *conn
 	uint8_t cls[3];
 	int dd, i;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	dd = hci_open_dev(dbus_data->dev_id);
 	if (dd < 0)
 		return error_no_such_adapter(conn, msg);
@@ -764,6 +806,9 @@ static DBusHandlerResult handle_dev_get_name_req(DBusConnection *conn, DBusMessa
 	char str[249], *str_ptr = str;
 	int err;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	err = get_device_name(dbus_data->dev_id, str, sizeof(str));
 	if (err < 0)
 		return error_failed(conn, msg, -err);
@@ -1846,6 +1891,9 @@ static DBusHandlerResult handle_dev_list_bondings_req(DBusConnection *conn, DBus
 	DBusMessage *reply;
 	char filename[PATH_MAX + 1];
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	snprintf(filename, PATH_MAX, "%s/%s/linkkeys", STORAGEDIR, dbus_data->address);
 
 	reply = dbus_message_new_method_return(msg);
@@ -1956,6 +2004,9 @@ static DBusHandlerResult handle_dev_discover_devices_req(DBusConnection *conn, D
 	uint32_t lap = 0x9e8b33;
 	int dd;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	if (dbus_data->discover_state != STATE_IDLE)
 		return error_discover_in_progress(conn, msg);
 
@@ -2021,6 +2072,9 @@ static DBusHandlerResult handle_dev_cancel_discovery_req(DBusConnection *conn, D
 	uint8_t status = 0x00;
 	int dd = -1;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	requestor_name = dbus_message_get_sender(msg);
 
 	/* is there discover pending? */
diff --git a/hcid/dbus-manager.c b/hcid/dbus-manager.c
index 7db28949..2a5b8d82 100644
--- a/hcid/dbus-manager.c
+++ b/hcid/dbus-manager.c
@@ -45,6 +45,9 @@ static DBusHandlerResult interface_version(DBusConnection *conn,
 	DBusMessage *reply;
 	dbus_uint32_t version = 0;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	reply = dbus_message_new_method_return(msg);
 	if (!reply)
 		return DBUS_HANDLER_RESULT_NEED_MEMORY;
@@ -62,6 +65,9 @@ static DBusHandlerResult default_adapter(DBusConnection *conn,
 	char path[MAX_PATH_LENGTH], *path_ptr = path;
 	int default_dev = get_default_dev_id();
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	if (default_dev < 0)
 		return error_no_such_adapter(conn, msg);
 
@@ -81,12 +87,21 @@ static DBusHandlerResult find_adapter(DBusConnection *conn,
 						DBusMessage *msg, void *data)
 {
 	DBusMessage *reply;
+	DBusError err;
 	char path[MAX_PATH_LENGTH], *path_ptr = path;
 	const char *pattern;
 	int dev_id;
 
-	dbus_message_get_args(msg, NULL, DBUS_TYPE_STRING, &pattern,
-							DBUS_TYPE_INVALID);
+	dbus_error_init(&err);
+	dbus_message_get_args(msg, &err,
+				DBUS_TYPE_STRING, &pattern,
+				DBUS_TYPE_INVALID);
+
+	if (dbus_error_is_set(&err)) {
+		error("Can't extract message arguments:%s", err.message);
+		dbus_error_free(&err);
+		return error_invalid_arguments(conn, msg);
+	}
 
 	dev_id = hci_devid(pattern);
 	if (dev_id < 0)
@@ -114,6 +129,9 @@ static DBusHandlerResult list_adapters(DBusConnection *conn,
 	struct hci_dev_req *dr;
 	int i, sk;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	sk = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
 	if (sk < 0)
 		return error_failed(conn, msg, errno);
@@ -177,6 +195,9 @@ static DBusHandlerResult list_services(DBusConnection *conn,
 {
 	DBusMessage *reply;
 
+	if (!dbus_message_has_signature(msg, DBUS_TYPE_INVALID_AS_STRING))
+		return error_invalid_arguments(conn, msg);
+
 	reply = dbus_message_new_method_return(msg);
 	if (!reply)
 		return DBUS_HANDLER_RESULT_NEED_MEMORY;
-- 
cgit