diff options
| author | Jiung Yu <jiung.yu@samsung.com> | 2020-05-18 04:14:59 +0000 |
|---|---|---|
| committer | Gerrit Code Review <gerrit@review> | 2020-05-18 04:14:59 +0000 |
| commit | 68d8b030da4b57272a7468ac1850cc069a27dd91 (patch) | |
| tree | c14580e06e29244cd77f1c98dbd47db88dd66a38 | |
| parent | 0565506882e72b1292c20d5717aabd0407dfe20f (diff) | |
| parent | 0222b49f2e78f917561ec609f1d8d42a79044c41 (diff) | |
| download | connman-submit/tizen/20200518.041610.tar.gz connman-submit/tizen/20200518.041610.tar.bz2 connman-submit/tizen/20200518.041610.zip | |
Merge "Add logic to detect buffer overflow for snprintf" into tizensubmit/tizen/20200518.041610
| -rwxr-xr-x | gdbus/watch.c | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/gdbus/watch.c b/gdbus/watch.c index 447e4867..c51e60df 100755 --- a/gdbus/watch.c +++ b/gdbus/watch.c @@ -136,6 +136,51 @@ static struct filter_data *filter_data_find(DBusConnection *connection) return NULL; } +#if defined TIZEN_EXT +#define SENDER_PREFIX ",sender='%s'" +#define PATH_PREFIX ",path='%s'" +#define IFACE_PREFIX ",interface='%s'" +#define MEMBER_PREFIX ",member='%s'" +#define ARG0_PREFIX ",arg0='%s'" + +static gboolean check_rule_length(int remains, const char *prefix, const char *data) +{ + if (!prefix || !data) + return FALSE; + + return strlen(prefix) - 4 + strlen(data) < remains; +} + +static void format_rule(struct filter_data *data, char *rule, size_t size) +{ + const char *sender; + int offset; + + offset = snprintf(rule, size, "type='signal'"); + sender = data->name ? : data->owner; + + if (sender && + check_rule_length(size - offset, SENDER_PREFIX, sender)) + offset += snprintf(rule + offset, size - offset, + SENDER_PREFIX, sender); + if (data->path && + check_rule_length(size - offset, PATH_PREFIX, data->path)) + offset += snprintf(rule + offset, size - offset, + PATH_PREFIX, data->path); + if (data->interface && + check_rule_length(size - offset, IFACE_PREFIX, data->interface)) + offset += snprintf(rule + offset, size - offset, + IFACE_PREFIX, data->interface); + if (data->member && + check_rule_length(size - offset, MEMBER_PREFIX, data->member)) + offset += snprintf(rule + offset, size - offset, + MEMBER_PREFIX, data->member); + if (data->argument && + check_rule_length(size - offset, ARG0_PREFIX, data->argument)) + snprintf(rule + offset, size - offset, + ARG0_PREFIX, data->argument); +} +#else static void format_rule(struct filter_data *data, char *rule, size_t size) { const char *sender; @@ -160,6 +205,7 @@ static void format_rule(struct filter_data *data, char *rule, size_t size) snprintf(rule + offset, size - offset, ",arg0='%s'", data->argument); } +#endif static gboolean add_match(struct filter_data *data, DBusHandleMessageFunction filter) |