2005-01-21 Havoc Pennington <hp@redhat.com>

* dbus/dbus-bus.c: add more return_if_fail checks * dbus/dbus-message.c (load_message): have the "no validation" mode (have to edit the code to toggle the mode for now though) * dbus/dbus-marshal-header.c (_dbus_header_load): have a mode that skips all validation; I want to use this at least for benchmark baseline, I'm not sure if it should be a publicly-available switch.
author: Havoc Pennington <hp@redhat.com> 2005-01-21 06:18:04 +0000
committer: Havoc Pennington <hp@redhat.com> 2005-01-21 06:18:04 +0000
commit: 606eb2106b3d7f5cd36a4f1786d281b771bb1bf7 (patch)
tree: d4fe3c88571d0f683f8dadbef43fd5c0dea18ffa /dbus/dbus-marshal-header.c
parent: cda2389089ef180ac2f3c880cb03427e9baf884b (diff)
1 files changed, 44 insertions, 26 deletions
diff --git a/dbus/dbus-marshal-header.c b/dbus/dbus-marshal-header.c
index 8346c3af..6102b6f0 100644
--- a/dbus/dbus-marshal-header.c
+++ b/dbus/dbus-marshal-header.c
@@ -917,12 +917,12 @@ load_and_validate_field (DBusHeader     *header,
 }
 
 /**
- * Creates a message header from untrusted data. The return value
- * is #TRUE if there was enough memory and the data was valid. If it
- * returns #TRUE, the header will be created. If it returns #FALSE
- * and *validity == #DBUS_VALID, then there wasn't enough memory.  If
- * it returns #FALSE and *validity != #DBUS_VALID then the data was
- * invalid.
+ * Creates a message header from potentially-untrusted data. The
+ * return value is #TRUE if there was enough memory and the data was
+ * valid. If it returns #TRUE, the header will be created. If it
+ * returns #FALSE and *validity == #DBUS_VALID, then there wasn't
+ * enough memory.  If it returns #FALSE and *validity != #DBUS_VALID
+ * then the data was invalid.
  *
  * The byte_order, fields_array_len, and body_len args should be from
  * _dbus_header_have_message_untrusted(). Validation performed in
@@ -930,6 +930,7 @@ load_and_validate_field (DBusHeader     *header,
  * already done.
  *
  * @param header the header (must be initialized)
+ * @param mode whether to do validation
  * @param validity return location for invalidity reason
  * @param byte_order byte order from header
  * @param fields_array_len claimed length of fields array
@@ -941,15 +942,16 @@ load_and_validate_field (DBusHeader     *header,
  * @returns #FALSE if no memory or data was invalid, #TRUE otherwise
  */
 dbus_bool_t
-_dbus_header_load_untrusted (DBusHeader       *header,
-                             DBusValidity     *validity,
-                             int               byte_order,
-                             int               fields_array_len,
-                             int               header_len,
-                             int               body_len,
-                             const DBusString *str,
-                             int               start,
-                             int               len)
+_dbus_header_load (DBusHeader        *header,
+                   DBusValidationMode mode,
+                   DBusValidity      *validity,
+                   int                byte_order,
+                   int                fields_array_len,
+                   int                header_len,
+                   int                body_len,
+                   const DBusString  *str,
+                   int                start,
+                   int                len)
 {
   int leftover;
   DBusValidity v;
@@ -973,15 +975,22 @@ _dbus_header_load_untrusted (DBusHeader       *header,
       return FALSE;
     }
 
-  v = _dbus_validate_body_with_reason (&_dbus_header_signature_str, 0,
-                                       byte_order,
-                                       &leftover,
-                                       str, start, len);
-
-  if (v != DBUS_VALID)
+  if (mode == DBUS_VALIDATION_MODE_WE_TRUST_THIS_DATA_ABSOLUTELY)
     {
-      *validity = v;
-      goto invalid;
+      leftover = len - header_len - body_len - start;
+    }
+  else
+    {
+      v = _dbus_validate_body_with_reason (&_dbus_header_signature_str, 0,
+                                           byte_order,
+                                           &leftover,
+                                           str, start, len);
+      
+      if (v != DBUS_VALID)
+        {
+          *validity = v;
+          goto invalid;
+        }
     }
 
   _dbus_assert (leftover < len);
@@ -991,14 +1000,23 @@ _dbus_header_load_untrusted (DBusHeader       *header,
   _dbus_assert (start + header_len == (int) _DBUS_ALIGN_VALUE (padding_start, 8));
   _dbus_assert (start + header_len == padding_start + padding_len);
 
-  if (!_dbus_string_validate_nul (str, padding_start, padding_len))
+  if (mode != DBUS_VALIDATION_MODE_WE_TRUST_THIS_DATA_ABSOLUTELY)
     {
-      *validity = DBUS_INVALID_ALIGNMENT_PADDING_NOT_NUL;
-      goto invalid;
+      if (!_dbus_string_validate_nul (str, padding_start, padding_len))
+        {
+          *validity = DBUS_INVALID_ALIGNMENT_PADDING_NOT_NUL;
+          goto invalid;
+        }
     }
 
   header->padding = padding_len;
 
+  if (mode == DBUS_VALIDATION_MODE_WE_TRUST_THIS_DATA_ABSOLUTELY)
+    {
+      *validity = DBUS_VALID;
+      return TRUE;
+    }
+
   /* We now know the data is well-formed, but we have to check that
    * it's valid.
    */
author	Havoc Pennington <hp@redhat.com>	2005-01-21 06:18:04 +0000
committer	Havoc Pennington <hp@redhat.com>	2005-01-21 06:18:04 +0000
commit	606eb2106b3d7f5cd36a4f1786d281b771bb1bf7 (patch)
tree	d4fe3c88571d0f683f8dadbef43fd5c0dea18ffa /dbus/dbus-marshal-header.c
parent	cda2389089ef180ac2f3c880cb03427e9baf884b (diff)