dbus-marshal-validate.c

00001 /* -*- mode: C; c-file-style: "gnu" -*- */
00002 /* dbus-marshal-validate.c Validation routines for marshaled data
00003  *
00004  * Copyright (C) 2005 Red Hat, Inc.
00005  *
00006  * Licensed under the Academic Free License version 2.1
00007  *
00008  * This program is free software; you can redistribute it and/or modify
00009  * it under the terms of the GNU General Public License as published by
00010  * the Free Software Foundation; either version 2 of the License, or
00011  * (at your option) any later version.
00012  *
00013  * This program is distributed in the hope that it will be useful,
00014  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00015  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00016  * GNU General Public License for more details.
00017  *
00018  * You should have received a copy of the GNU General Public License
00019  * along with this program; if not, write to the Free Software
00020  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
00021  *
00022  */
00023 
00024 #include "dbus-internals.h"
00025 #include "dbus-marshal-validate.h"
00026 #include "dbus-marshal-recursive.h"
00027 #include "dbus-marshal-basic.h"
00028 #include "dbus-signature.h"
00029 #include "dbus-string.h"
00030 
00049 DBusValidity
00050 _dbus_validate_signature_with_reason (const DBusString *type_str,
00051                                       int               type_pos,
00052                                       int               len)
00053 {
00054   const unsigned char *p;
00055   const unsigned char *end;
00056   int last;
00057   int struct_depth;
00058   int array_depth;
00059   int dict_entry_depth;
00060   DBusValidity result;
00061 
00062   int element_count;
00063   DBusList *element_count_stack;
00064 
00065   result = DBUS_VALID;
00066   element_count_stack = NULL;
00067 
00068   if (!_dbus_list_append (&element_count_stack, _DBUS_INT_TO_POINTER (0)))
00069     {
00070       result = DBUS_VALIDITY_UNKNOWN_OOM_ERROR;
00071       goto out;
00072     }
00073 
00074   _dbus_assert (type_str != NULL);
00075   _dbus_assert (type_pos < _DBUS_INT32_MAX - len);
00076   _dbus_assert (len >= 0);
00077   _dbus_assert (type_pos >= 0);
00078 
00079   if (len > DBUS_MAXIMUM_SIGNATURE_LENGTH)
00080     {
00081       result = DBUS_INVALID_SIGNATURE_TOO_LONG;
00082       goto out;
00083     }
00084 
00085   p = _dbus_string_get_const_data_len (type_str, type_pos, 0);
00086 
00087   end = _dbus_string_get_const_data_len (type_str, type_pos + len, 0);
00088   struct_depth = 0;
00089   array_depth = 0;
00090   dict_entry_depth = 0;
00091   last = DBUS_TYPE_INVALID;
00092 
00093   while (p != end)
00094     {
00095       switch (*p)
00096         {
00097         case DBUS_TYPE_BYTE:
00098         case DBUS_TYPE_BOOLEAN:
00099         case DBUS_TYPE_INT16:
00100         case DBUS_TYPE_UINT16:
00101         case DBUS_TYPE_INT32:
00102         case DBUS_TYPE_UINT32:
00103         case DBUS_TYPE_INT64:
00104         case DBUS_TYPE_UINT64:
00105         case DBUS_TYPE_DOUBLE:
00106         case DBUS_TYPE_STRING:
00107         case DBUS_TYPE_OBJECT_PATH:
00108         case DBUS_TYPE_SIGNATURE:
00109         case DBUS_TYPE_VARIANT:
00110           break;
00111 
00112         case DBUS_TYPE_ARRAY:
00113           array_depth += 1;
00114           if (array_depth > DBUS_MAXIMUM_TYPE_RECURSION_DEPTH)
00115             {
00116               result = DBUS_INVALID_EXCEEDED_MAXIMUM_ARRAY_RECURSION;
00117               goto out;
00118             }
00119           break;
00120 
00121         case DBUS_STRUCT_BEGIN_CHAR:
00122           struct_depth += 1;
00123 
00124           if (struct_depth > DBUS_MAXIMUM_TYPE_RECURSION_DEPTH)
00125             {
00126               result = DBUS_INVALID_EXCEEDED_MAXIMUM_STRUCT_RECURSION;
00127               goto out;
00128             }
00129           
00130           if (!_dbus_list_append (&element_count_stack, 
00131                              _DBUS_INT_TO_POINTER (0)))
00132             {
00133               result = DBUS_VALIDITY_UNKNOWN_OOM_ERROR;
00134               goto out;
00135             }
00136 
00137           break;
00138 
00139         case DBUS_STRUCT_END_CHAR:
00140           if (struct_depth == 0)
00141             {
00142               result = DBUS_INVALID_STRUCT_ENDED_BUT_NOT_STARTED;
00143               goto out;
00144             }
00145 
00146           if (last == DBUS_STRUCT_BEGIN_CHAR)
00147             {
00148               result = DBUS_INVALID_STRUCT_HAS_NO_FIELDS;
00149               goto out;
00150             }
00151 
00152           _dbus_list_pop_last (&element_count_stack);
00153 
00154           struct_depth -= 1;
00155           break;
00156 
00157         case DBUS_DICT_ENTRY_BEGIN_CHAR:
00158           if (last != DBUS_TYPE_ARRAY)
00159             {
00160               result = DBUS_INVALID_DICT_ENTRY_NOT_INSIDE_ARRAY;
00161               goto out;
00162             }
00163             
00164           dict_entry_depth += 1;
00165 
00166           if (dict_entry_depth > DBUS_MAXIMUM_TYPE_RECURSION_DEPTH)
00167             {
00168               result = DBUS_INVALID_EXCEEDED_MAXIMUM_DICT_ENTRY_RECURSION;
00169               goto out;
00170             }
00171 
00172           if (!_dbus_list_append (&element_count_stack, 
00173                              _DBUS_INT_TO_POINTER (0)))
00174             {
00175               result = DBUS_VALIDITY_UNKNOWN_OOM_ERROR;
00176               goto out;
00177             }
00178 
00179           break;
00180 
00181         case DBUS_DICT_ENTRY_END_CHAR:
00182           if (dict_entry_depth == 0)
00183             {
00184               result = DBUS_INVALID_DICT_ENTRY_ENDED_BUT_NOT_STARTED;
00185               goto out;
00186             }
00187             
00188           dict_entry_depth -= 1;
00189 
00190           element_count = 
00191             _DBUS_POINTER_TO_INT (_dbus_list_pop_last (&element_count_stack));
00192 
00193           if (element_count != 2)
00194             {
00195               if (element_count == 0)
00196                 result = DBUS_INVALID_DICT_ENTRY_HAS_NO_FIELDS;
00197               else if (element_count == 1)
00198                 result = DBUS_INVALID_DICT_ENTRY_HAS_ONLY_ONE_FIELD;
00199               else
00200                 result = DBUS_INVALID_DICT_ENTRY_HAS_TOO_MANY_FIELDS;
00201               
00202               goto out;
00203             }
00204           break;
00205           
00206         case DBUS_TYPE_STRUCT:     /* doesn't appear in signatures */
00207         case DBUS_TYPE_DICT_ENTRY: /* ditto */
00208         default:
00209           result = DBUS_INVALID_UNKNOWN_TYPECODE;
00210           goto out;
00211         }
00212 
00213       if (*p != DBUS_TYPE_ARRAY && 
00214           *p != DBUS_DICT_ENTRY_BEGIN_CHAR && 
00215           *p != DBUS_STRUCT_BEGIN_CHAR) 
00216         {
00217           element_count = 
00218             _DBUS_POINTER_TO_INT (_dbus_list_pop_last (&element_count_stack));
00219 
00220           ++element_count;
00221 
00222           if (!_dbus_list_append (&element_count_stack, 
00223                              _DBUS_INT_TO_POINTER (element_count)))
00224             {
00225               result = DBUS_VALIDITY_UNKNOWN_OOM_ERROR;
00226               goto out;
00227             }
00228         }
00229       
00230       if (array_depth > 0)
00231         {
00232           if (*p == DBUS_TYPE_ARRAY && p != end)
00233             {
00234                const char *p1;
00235                p1 = p + 1;
00236                if (*p1 == DBUS_STRUCT_END_CHAR ||
00237                    *p1 == DBUS_DICT_ENTRY_END_CHAR)
00238                  {
00239                    result = DBUS_INVALID_MISSING_ARRAY_ELEMENT_TYPE;
00240                    goto out;
00241                  }
00242             }
00243           else
00244             {
00245               array_depth = 0;
00246             }
00247         }
00248 
00249       if (last == DBUS_DICT_ENTRY_BEGIN_CHAR)
00250         {
00251           if (!(_dbus_type_is_valid (*p) && dbus_type_is_basic (*p)))
00252             {
00253               result = DBUS_INVALID_DICT_KEY_MUST_BE_BASIC_TYPE;
00254               goto out;
00255             }
00256         }
00257 
00258       last = *p;
00259       ++p;
00260     }
00261 
00262 
00263   if (array_depth > 0)
00264     {
00265       result = DBUS_INVALID_MISSING_ARRAY_ELEMENT_TYPE;
00266       goto out;
00267     }
00268     
00269   if (struct_depth > 0)
00270     {
00271        result = DBUS_INVALID_STRUCT_STARTED_BUT_NOT_ENDED;
00272        goto out;
00273     }
00274     
00275   if (dict_entry_depth > 0)
00276     {
00277       result =  DBUS_INVALID_DICT_ENTRY_STARTED_BUT_NOT_ENDED;
00278       goto out;
00279     }
00280     
00281   _dbus_assert (last != DBUS_TYPE_ARRAY);
00282   _dbus_assert (last != DBUS_STRUCT_BEGIN_CHAR);
00283   _dbus_assert (last != DBUS_DICT_ENTRY_BEGIN_CHAR);
00284 
00285   result = DBUS_VALID;
00286 
00287 out:
00288   _dbus_list_clear (&element_count_stack);
00289   return result;
00290 }
00291 
00292 /* note: this function is also used to validate the header's values,
00293  * since the header is a valid body with a particular signature.
00294  */
00295 static DBusValidity
00296 validate_body_helper (DBusTypeReader       *reader,
00297                       int                   byte_order,
00298                       dbus_bool_t           walk_reader_to_end,
00299                       int                   total_depth,
00300                       const unsigned char  *p,
00301                       const unsigned char  *end,
00302                       const unsigned char **new_p)
00303 {
00304   int current_type;
00305 
00306   /* The spec allows arrays and structs to each nest 32, for total
00307    * nesting of 2*32. We want to impose the same limit on "dynamic"
00308    * value nesting (not visible in the signature) which is introduced
00309    * by DBUS_TYPE_VARIANT.
00310    */
00311   if (total_depth > (DBUS_MAXIMUM_TYPE_RECURSION_DEPTH * 2))
00312     {
00313       return DBUS_INVALID_NESTED_TOO_DEEPLY;
00314     }
00315 
00316   while ((current_type = _dbus_type_reader_get_current_type (reader)) != DBUS_TYPE_INVALID)
00317     {
00318       const unsigned char *a;
00319       int alignment;
00320 
00321 #if 0
00322       _dbus_verbose ("   validating value of type %s type reader %p type_pos %d p %p end %p %d remain\n",
00323                      _dbus_type_to_string (current_type), reader, reader->type_pos, p, end,
00324                      (int) (end - p));
00325 #endif
00326 
00327       /* Guarantee that p has one byte to look at */
00328       if (p == end)
00329         return DBUS_INVALID_NOT_ENOUGH_DATA;
00330 
00331       switch (current_type)
00332         {
00333         case DBUS_TYPE_BYTE:
00334           ++p;
00335           break;
00336           
00337         case DBUS_TYPE_BOOLEAN:
00338         case DBUS_TYPE_INT16:
00339         case DBUS_TYPE_UINT16:
00340         case DBUS_TYPE_INT32:
00341         case DBUS_TYPE_UINT32:
00342         case DBUS_TYPE_INT64:
00343         case DBUS_TYPE_UINT64:
00344         case DBUS_TYPE_DOUBLE:
00345           alignment = _dbus_type_get_alignment (current_type);
00346           a = _DBUS_ALIGN_ADDRESS (p, alignment);
00347           if (a >= end)
00348             return DBUS_INVALID_NOT_ENOUGH_DATA;
00349           while (p != a)
00350             {
00351               if (*p != '\0')
00352                 return DBUS_INVALID_ALIGNMENT_PADDING_NOT_NUL;
00353               ++p;
00354             }
00355           
00356           if (current_type == DBUS_TYPE_BOOLEAN)
00357             {
00358               dbus_uint32_t v = _dbus_unpack_uint32 (byte_order,
00359                                                      p);
00360               if (!(v == 0 || v == 1))
00361                 return DBUS_INVALID_BOOLEAN_NOT_ZERO_OR_ONE;
00362             }
00363           
00364           p += alignment;
00365           break;
00366 
00367         case DBUS_TYPE_ARRAY:
00368         case DBUS_TYPE_STRING:
00369         case DBUS_TYPE_OBJECT_PATH:
00370           {
00371             dbus_uint32_t claimed_len;
00372 
00373             a = _DBUS_ALIGN_ADDRESS (p, 4);
00374             if (a + 4 > end)
00375               return DBUS_INVALID_NOT_ENOUGH_DATA;
00376             while (p != a)
00377               {
00378                 if (*p != '\0')
00379                   return DBUS_INVALID_ALIGNMENT_PADDING_NOT_NUL;
00380                 ++p;
00381               }
00382 
00383             claimed_len = _dbus_unpack_uint32 (byte_order, p);
00384             p += 4;
00385 
00386             /* p may now be == end */
00387             _dbus_assert (p <= end);
00388             
00389             if (current_type == DBUS_TYPE_ARRAY)
00390               {
00391                 int array_elem_type = _dbus_type_reader_get_element_type (reader);
00392                 alignment = _dbus_type_get_alignment (array_elem_type);
00393                 p = _DBUS_ALIGN_ADDRESS (p, alignment);
00394               }
00395 
00396             if (claimed_len > (unsigned long) (end - p))
00397               return DBUS_INVALID_LENGTH_OUT_OF_BOUNDS;
00398 
00399             if (current_type == DBUS_TYPE_OBJECT_PATH)
00400               {
00401                 DBusString str;
00402                 _dbus_string_init_const_len (&str, p, claimed_len);
00403                 if (!_dbus_validate_path (&str, 0,
00404                                           _dbus_string_get_length (&str)))
00405                   return DBUS_INVALID_BAD_PATH;
00406 
00407                 p += claimed_len;
00408               }
00409             else if (current_type == DBUS_TYPE_STRING)
00410               {
00411                 DBusString str;
00412                 _dbus_string_init_const_len (&str, p, claimed_len);
00413                 if (!_dbus_string_validate_utf8 (&str, 0,
00414                                                  _dbus_string_get_length (&str)))
00415                   return DBUS_INVALID_BAD_UTF8_IN_STRING;
00416 
00417                 p += claimed_len;
00418               }
00419             else if (current_type == DBUS_TYPE_ARRAY && claimed_len > 0)
00420               {
00421                 DBusTypeReader sub;
00422                 DBusValidity validity;
00423                 const unsigned char *array_end;
00424 
00425                 if (claimed_len > DBUS_MAXIMUM_ARRAY_LENGTH)
00426                   return DBUS_INVALID_ARRAY_LENGTH_EXCEEDS_MAXIMUM;
00427                 
00428                 /* Remember that the reader is types only, so we can't
00429                  * use it to iterate over elements. It stays the same
00430                  * for all elements.
00431                  */
00432                 _dbus_type_reader_recurse (reader, &sub);
00433 
00434                 array_end = p + claimed_len;
00435 
00436                 while (p < array_end)
00437                   {
00438                     /* FIXME we are calling a function per array element! very bad
00439                      * need if (dbus_type_is_fixed(elem_type)) here to just skip
00440                      * big blocks of ints/bytes/etc.
00441                      */                     
00442                     validity = validate_body_helper (&sub, byte_order, FALSE,
00443                                                      total_depth + 1,
00444                                                      p, end, &p);
00445                     if (validity != DBUS_VALID)
00446                       return validity;
00447                   }
00448 
00449                 if (p != array_end)
00450                   return DBUS_INVALID_ARRAY_LENGTH_INCORRECT;
00451               }
00452 
00453             /* check nul termination */
00454             if (current_type != DBUS_TYPE_ARRAY)
00455               {
00456                 if (p == end)
00457                   return DBUS_INVALID_NOT_ENOUGH_DATA;
00458 
00459                 if (*p != '\0')
00460                   return DBUS_INVALID_STRING_MISSING_NUL;
00461                 ++p;
00462               }
00463           }
00464           break;
00465 
00466         case DBUS_TYPE_SIGNATURE:
00467           {
00468             dbus_uint32_t claimed_len;
00469             DBusString str;
00470             DBusValidity validity;
00471 
00472             claimed_len = *p;
00473             ++p;
00474 
00475             /* 1 is for nul termination */
00476             if (claimed_len + 1 > (unsigned long) (end - p))
00477               return DBUS_INVALID_SIGNATURE_LENGTH_OUT_OF_BOUNDS;
00478 
00479             _dbus_string_init_const_len (&str, p, claimed_len);
00480             validity =
00481               _dbus_validate_signature_with_reason (&str, 0,
00482                                                     _dbus_string_get_length (&str));
00483 
00484             if (validity != DBUS_VALID)
00485               return validity;
00486 
00487             p += claimed_len;
00488 
00489             _dbus_assert (p < end);
00490             if (*p != DBUS_TYPE_INVALID)
00491               return DBUS_INVALID_SIGNATURE_MISSING_NUL;
00492 
00493             ++p;
00494 
00495             _dbus_verbose ("p = %p end = %p claimed_len %u\n", p, end, claimed_len);
00496           }
00497           break;
00498 
00499         case DBUS_TYPE_VARIANT:
00500           {
00501             /* 1 byte sig len, sig typecodes, align to
00502              * contained-type-boundary, values.
00503              */
00504 
00505             /* In addition to normal signature validation, we need to be sure
00506              * the signature contains only a single (possibly container) type.
00507              */
00508             dbus_uint32_t claimed_len;
00509             DBusString sig;
00510             DBusTypeReader sub;
00511             DBusValidity validity;
00512             int contained_alignment;
00513             int contained_type;
00514             DBusValidity reason;
00515 
00516             claimed_len = *p;
00517             ++p;
00518 
00519             /* + 1 for nul */
00520             if (claimed_len + 1 > (unsigned long) (end - p))
00521               return DBUS_INVALID_VARIANT_SIGNATURE_LENGTH_OUT_OF_BOUNDS;
00522 
00523             _dbus_string_init_const_len (&sig, p, claimed_len);
00524             reason = _dbus_validate_signature_with_reason (&sig, 0,
00525                                            _dbus_string_get_length (&sig));
00526             if (!(reason == DBUS_VALID))
00527               {
00528                 if (reason == DBUS_VALIDITY_UNKNOWN_OOM_ERROR)
00529                   return reason;
00530                 else 
00531                   return DBUS_INVALID_VARIANT_SIGNATURE_BAD;
00532               }
00533 
00534             p += claimed_len;
00535             
00536             if (*p != DBUS_TYPE_INVALID)
00537               return DBUS_INVALID_VARIANT_SIGNATURE_MISSING_NUL;
00538             ++p;
00539 
00540             contained_type = _dbus_first_type_in_signature (&sig, 0);
00541             if (contained_type == DBUS_TYPE_INVALID)
00542               return DBUS_INVALID_VARIANT_SIGNATURE_EMPTY;
00543             
00544             contained_alignment = _dbus_type_get_alignment (contained_type);
00545             
00546             a = _DBUS_ALIGN_ADDRESS (p, contained_alignment);
00547             if (a > end)
00548               return DBUS_INVALID_NOT_ENOUGH_DATA;
00549             while (p != a)
00550               {
00551                 if (*p != '\0')
00552                   return DBUS_INVALID_ALIGNMENT_PADDING_NOT_NUL;
00553                 ++p;
00554               }
00555 
00556             _dbus_type_reader_init_types_only (&sub, &sig, 0);
00557 
00558             _dbus_assert (_dbus_type_reader_get_current_type (&sub) != DBUS_TYPE_INVALID);
00559 
00560             validity = validate_body_helper (&sub, byte_order, FALSE,
00561                                              total_depth + 1,
00562                                              p, end, &p);
00563             if (validity != DBUS_VALID)
00564               return validity;
00565 
00566             if (_dbus_type_reader_next (&sub))
00567               return DBUS_INVALID_VARIANT_SIGNATURE_SPECIFIES_MULTIPLE_VALUES;
00568 
00569             _dbus_assert (_dbus_type_reader_get_current_type (&sub) == DBUS_TYPE_INVALID);
00570           }
00571           break;
00572 
00573         case DBUS_TYPE_DICT_ENTRY:
00574         case DBUS_TYPE_STRUCT:
00575           {
00576             DBusTypeReader sub;
00577             DBusValidity validity;
00578 
00579             a = _DBUS_ALIGN_ADDRESS (p, 8);
00580             if (a > end)
00581               return DBUS_INVALID_NOT_ENOUGH_DATA;
00582             while (p != a)
00583               {
00584                 if (*p != '\0')
00585                   return DBUS_INVALID_ALIGNMENT_PADDING_NOT_NUL;
00586                 ++p;
00587               }
00588 
00589             _dbus_type_reader_recurse (reader, &sub);
00590 
00591             validity = validate_body_helper (&sub, byte_order, TRUE,
00592                                              total_depth + 1,
00593                                              p, end, &p);
00594             if (validity != DBUS_VALID)
00595               return validity;
00596           }
00597           break;
00598 
00599         default:
00600           _dbus_assert_not_reached ("invalid typecode in supposedly-validated signature");
00601           break;
00602         }
00603 
00604 #if 0
00605       _dbus_verbose ("   validated value of type %s type reader %p type_pos %d p %p end %p %d remain\n",
00606                      _dbus_type_to_string (current_type), reader, reader->type_pos, p, end,
00607                      (int) (end - p));
00608 #endif
00609 
00610       if (p > end)
00611         {
00612           _dbus_verbose ("not enough data!!! p = %p end = %p end-p = %d\n",
00613                          p, end, (int) (end - p));
00614           return DBUS_INVALID_NOT_ENOUGH_DATA;
00615         }
00616 
00617       if (walk_reader_to_end)
00618         _dbus_type_reader_next (reader);
00619       else
00620         break;
00621     }
00622 
00623   if (new_p)
00624     *new_p = p;
00625 
00626   return DBUS_VALID;
00627 }
00628 
00649 DBusValidity
00650 _dbus_validate_body_with_reason (const DBusString *expected_signature,
00651                                  int               expected_signature_start,
00652                                  int               byte_order,
00653                                  int              *bytes_remaining,
00654                                  const DBusString *value_str,
00655                                  int               value_pos,
00656                                  int               len)
00657 {
00658   DBusTypeReader reader;
00659   const unsigned char *p;
00660   const unsigned char *end;
00661   DBusValidity validity;
00662 
00663   _dbus_assert (len >= 0);
00664   _dbus_assert (value_pos >= 0);
00665   _dbus_assert (value_pos <= _dbus_string_get_length (value_str) - len);
00666 
00667   _dbus_verbose ("validating body from pos %d len %d sig '%s'\n",
00668                  value_pos, len, _dbus_string_get_const_data_len (expected_signature,
00669                                                                   expected_signature_start,
00670                                                                   0));
00671 
00672   _dbus_type_reader_init_types_only (&reader,
00673                                      expected_signature, expected_signature_start);
00674 
00675   p = _dbus_string_get_const_data_len (value_str, value_pos, len);
00676   end = p + len;
00677 
00678   validity = validate_body_helper (&reader, byte_order, TRUE, 0, p, end, &p);
00679   if (validity != DBUS_VALID)
00680     return validity;
00681   
00682   if (bytes_remaining)
00683     {
00684       *bytes_remaining = end - p;
00685       return DBUS_VALID;
00686     }
00687   else if (p < end)
00688     return DBUS_INVALID_TOO_MUCH_DATA;
00689   else
00690     {
00691       _dbus_assert (p == end);
00692       return DBUS_VALID;
00693     }
00694 }
00695 
00700 #define VALID_INITIAL_NAME_CHARACTER(c)         \
00701   ( ((c) >= 'A' && (c) <= 'Z') ||               \
00702     ((c) >= 'a' && (c) <= 'z') ||               \
00703     ((c) == '_') )
00704 
00709 #define VALID_NAME_CHARACTER(c)                 \
00710   ( ((c) >= '0' && (c) <= '9') ||               \
00711     ((c) >= 'A' && (c) <= 'Z') ||               \
00712     ((c) >= 'a' && (c) <= 'z') ||               \
00713     ((c) == '_') )
00714 
00731 dbus_bool_t
00732 _dbus_validate_path (const DBusString  *str,
00733                      int                start,
00734                      int                len)
00735 {
00736   const unsigned char *s;
00737   const unsigned char *end;
00738   const unsigned char *last_slash;
00739 
00740   _dbus_assert (start >= 0);
00741   _dbus_assert (len >= 0);
00742   _dbus_assert (start <= _dbus_string_get_length (str));
00743   
00744   if (len > _dbus_string_get_length (str) - start)
00745     return FALSE;
00746 
00747   if (len == 0)
00748     return FALSE;
00749 
00750   s = _dbus_string_get_const_data (str) + start;
00751   end = s + len;
00752 
00753   if (*s != '/')
00754     return FALSE;
00755   last_slash = s;
00756   ++s;
00757 
00758   while (s != end)
00759     {
00760       if (*s == '/')
00761         {
00762           if ((s - last_slash) < 2)
00763             return FALSE; /* no empty path components allowed */
00764 
00765           last_slash = s;
00766         }
00767       else
00768         {
00769           if (_DBUS_UNLIKELY (!VALID_NAME_CHARACTER (*s)))
00770             return FALSE;
00771         }
00772 
00773       ++s;
00774     }
00775 
00776   if ((end - last_slash) < 2 &&
00777       len > 1)
00778     return FALSE; /* trailing slash not allowed unless the string is "/" */
00779 
00780   return TRUE;
00781 }
00782 
00796 dbus_bool_t
00797 _dbus_validate_interface (const DBusString  *str,
00798                           int                start,
00799                           int                len)
00800 {
00801   const unsigned char *s;
00802   const unsigned char *end;
00803   const unsigned char *iface;
00804   const unsigned char *last_dot;
00805 
00806   _dbus_assert (start >= 0);
00807   _dbus_assert (len >= 0);
00808   _dbus_assert (start <= _dbus_string_get_length (str));
00809 
00810   if (len > _dbus_string_get_length (str) - start)
00811     return FALSE;
00812 
00813   if (len > DBUS_MAXIMUM_NAME_LENGTH)
00814     return FALSE;
00815 
00816   if (len == 0)
00817     return FALSE;
00818 
00819   last_dot = NULL;
00820   iface = _dbus_string_get_const_data (str) + start;
00821   end = iface + len;
00822   s = iface;
00823 
00824   /* check special cases of first char so it doesn't have to be done
00825    * in the loop. Note we know len > 0
00826    */
00827   if (_DBUS_UNLIKELY (*s == '.')) /* disallow starting with a . */
00828     return FALSE;
00829   else if (_DBUS_UNLIKELY (!VALID_INITIAL_NAME_CHARACTER (*s)))
00830     return FALSE;
00831   else
00832     ++s;
00833 
00834   while (s != end)
00835     {
00836       if (*s == '.')
00837         {
00838           if (_DBUS_UNLIKELY ((s + 1) == end))
00839             return FALSE;
00840           else if (_DBUS_UNLIKELY (!VALID_INITIAL_NAME_CHARACTER (*(s + 1))))
00841             return FALSE;
00842           last_dot = s;
00843           ++s; /* we just validated the next char, so skip two */
00844         }
00845       else if (_DBUS_UNLIKELY (!VALID_NAME_CHARACTER (*s)))
00846         {
00847           return FALSE;
00848         }
00849 
00850       ++s;
00851     }
00852 
00853   if (_DBUS_UNLIKELY (last_dot == NULL))
00854     return FALSE;
00855 
00856   return TRUE;
00857 }
00858 
00872 dbus_bool_t
00873 _dbus_validate_member (const DBusString  *str,
00874                        int                start,
00875                        int                len)
00876 {
00877   const unsigned char *s;
00878   const unsigned char *end;
00879   const unsigned char *member;
00880 
00881   _dbus_assert (start >= 0);
00882   _dbus_assert (len >= 0);
00883   _dbus_assert (start <= _dbus_string_get_length (str));
00884 
00885   if (len > _dbus_string_get_length (str) - start)
00886     return FALSE;
00887 
00888   if (len > DBUS_MAXIMUM_NAME_LENGTH)
00889     return FALSE;
00890 
00891   if (len == 0)
00892     return FALSE;
00893 
00894   member = _dbus_string_get_const_data (str) + start;
00895   end = member + len;
00896   s = member;
00897 
00898   /* check special cases of first char so it doesn't have to be done
00899    * in the loop. Note we know len > 0
00900    */
00901 
00902   if (_DBUS_UNLIKELY (!VALID_INITIAL_NAME_CHARACTER (*s)))
00903     return FALSE;
00904   else
00905     ++s;
00906 
00907   while (s != end)
00908     {
00909       if (_DBUS_UNLIKELY (!VALID_NAME_CHARACTER (*s)))
00910         {
00911           return FALSE;
00912         }
00913 
00914       ++s;
00915     }
00916 
00917   return TRUE;
00918 }
00919 
00933 dbus_bool_t
00934 _dbus_validate_error_name (const DBusString  *str,
00935                            int                start,
00936                            int                len)
00937 {
00938   /* Same restrictions as interface name at the moment */
00939   return _dbus_validate_interface (str, start, len);
00940 }
00941 
00946 #define VALID_INITIAL_BUS_NAME_CHARACTER(c)         \
00947   ( ((c) >= 'A' && (c) <= 'Z') ||               \
00948     ((c) >= 'a' && (c) <= 'z') ||               \
00949     ((c) == '_') || ((c) == '-'))
00950 
00955 #define VALID_BUS_NAME_CHARACTER(c)                 \
00956   ( ((c) >= '0' && (c) <= '9') ||               \
00957     ((c) >= 'A' && (c) <= 'Z') ||               \
00958     ((c) >= 'a' && (c) <= 'z') ||               \
00959     ((c) == '_') || ((c) == '-'))
00960 
00974 dbus_bool_t
00975 _dbus_validate_bus_name (const DBusString  *str,
00976                          int                start,
00977                          int                len)
00978 {
00979   const unsigned char *s;
00980   const unsigned char *end;
00981   const unsigned char *iface;
00982   const unsigned char *last_dot;
00983 
00984   _dbus_assert (start >= 0);
00985   _dbus_assert (len >= 0);
00986   _dbus_assert (start <= _dbus_string_get_length (str));
00987 
00988   if (len > _dbus_string_get_length (str) - start)
00989     return FALSE;
00990 
00991   if (len > DBUS_MAXIMUM_NAME_LENGTH)
00992     return FALSE;
00993 
00994   if (len == 0)
00995     return FALSE;
00996 
00997   last_dot = NULL;
00998   iface = _dbus_string_get_const_data (str) + start;
00999   end = iface + len;
01000   s = iface;
01001 
01002   /* check special cases of first char so it doesn't have to be done
01003    * in the loop. Note we know len > 0
01004    */
01005   if (*s == ':')
01006   {
01007     /* unique name */
01008     ++s;
01009     while (s != end)
01010       {
01011         if (*s == '.')
01012           {
01013             if (_DBUS_UNLIKELY ((s + 1) == end))
01014               return FALSE;
01015             if (_DBUS_UNLIKELY (!VALID_BUS_NAME_CHARACTER (*(s + 1))))
01016               return FALSE;
01017             ++s; /* we just validated the next char, so skip two */
01018           }
01019         else if (_DBUS_UNLIKELY (!VALID_BUS_NAME_CHARACTER (*s)))
01020           {
01021             return FALSE;
01022           }
01023 
01024         ++s;
01025       }
01026 
01027     return TRUE;
01028   }
01029   else if (_DBUS_UNLIKELY (*s == '.')) /* disallow starting with a . */
01030     return FALSE;
01031   else if (_DBUS_UNLIKELY (!VALID_INITIAL_BUS_NAME_CHARACTER (*s)))
01032     return FALSE;
01033   else
01034     ++s;
01035 
01036   while (s != end)
01037     {
01038       if (*s == '.')
01039         {
01040           if (_DBUS_UNLIKELY ((s + 1) == end))
01041             return FALSE;
01042           else if (_DBUS_UNLIKELY (!VALID_INITIAL_BUS_NAME_CHARACTER (*(s + 1))))
01043             return FALSE;
01044           last_dot = s;
01045           ++s; /* we just validated the next char, so skip two */
01046         }
01047       else if (_DBUS_UNLIKELY (!VALID_BUS_NAME_CHARACTER (*s)))
01048         {
01049           return FALSE;
01050         }
01051 
01052       ++s;
01053     }
01054 
01055   if (_DBUS_UNLIKELY (last_dot == NULL))
01056     return FALSE;
01057 
01058   return TRUE;
01059 }
01060 
01073 dbus_bool_t
01074 _dbus_validate_signature (const DBusString  *str,
01075                           int                start,
01076                           int                len)
01077 {
01078   _dbus_assert (start >= 0);
01079   _dbus_assert (start <= _dbus_string_get_length (str));
01080   _dbus_assert (len >= 0);
01081 
01082   if (len > _dbus_string_get_length (str) - start)
01083     return FALSE;
01084 
01085   return _dbus_validate_signature_with_reason (str, start, len) == DBUS_VALID;
01086 }
01087 
01089 DEFINE_DBUS_NAME_CHECK(path);
01091 DEFINE_DBUS_NAME_CHECK(interface);
01093 DEFINE_DBUS_NAME_CHECK(member);
01095 DEFINE_DBUS_NAME_CHECK(error_name);
01097 DEFINE_DBUS_NAME_CHECK(bus_name);
01099 DEFINE_DBUS_NAME_CHECK(signature);
01100 
01103 /* tests in dbus-marshal-validate-util.c */

Generated on Wed Nov 7 15:11:42 2012 for D-Bus by  doxygen 1.5.1