diff options
author | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-05-14 14:41:06 +0100 |
---|---|---|
committer | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-05-14 14:41:06 +0100 |
commit | 1c4f87ca2849ae49d6083a5a279d870aee52b5a3 (patch) | |
tree | f8d9ac380dff3bba10aef8913df5441793be4ea9 | |
parent | bcdead0fd4642a5e8985981c1583d40ff779299a (diff) | |
parent | 31489e1c4ffdbac220e1cde72fc5ce4ad43d3821 (diff) | |
download | dbus-1c4f87ca2849ae49d6083a5a279d870aee52b5a3.tar.gz |
Merge branch 'dbus-1.8'
Conflicts:
NEWS
cmake/CMakeLists.txt
configure.ac
-rw-r--r-- | NEWS | 21 | ||||
-rw-r--r-- | dbus/dbus-marshal-recursive.c | 29 |
2 files changed, 37 insertions, 13 deletions
@@ -1,6 +1,27 @@ D-Bus 1.9.16 (UNRELEASED) == +Security hardening: + +• On Unix platforms, change the default configuration for the session bus + to only allow EXTERNAL authentication (secure kernel-mediated + credentials-passing), as was already done for the system bus. + + This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly + unpredictable pseudo-random numbers; under certain circumstances + (/dev/urandom unreadable or malloc() returns NULL), dbus could + fall back to using rand(), which does not have the desired unpredictability. + The fallback to rand() has not been changed in this stable-branch since + the necessary code changes for correct error-handling are rather intrusive. + + If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport, + in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using + NFS or similar, you will need to reconfigure the session bus to accept + DBUS_COOKIE_SHA1 by commenting out the <auth> element. This configuration + is not recommended. + + (fd.o #90414, Simon McVittie) + Enhancements: • Add dbus_message_iter_get_element_count() diff --git a/dbus/dbus-marshal-recursive.c b/dbus/dbus-marshal-recursive.c index 4adfd2e9..9ba16e93 100644 --- a/dbus/dbus-marshal-recursive.c +++ b/dbus/dbus-marshal-recursive.c @@ -149,6 +149,7 @@ reader_init (DBusTypeReader *reader, const DBusString *value_str, int value_pos) { + _DBUS_ZERO (*reader); reader->byte_order = byte_order; reader->finished = FALSE; reader->type_str = type_str; @@ -736,11 +737,11 @@ _dbus_type_reader_init (DBusTypeReader *reader, const DBusString *value_str, int value_pos) { - reader->klass = &body_reader_class; - reader_init (reader, byte_order, type_str, type_pos, value_str, value_pos); + reader->klass = &body_reader_class; + #if RECURSIVE_MARSHAL_READ_TRACE _dbus_verbose (" type reader %p init type_pos = %d value_pos = %d remaining sig '%s'\n", reader, reader->type_pos, reader->value_pos, @@ -761,11 +762,11 @@ _dbus_type_reader_init_types_only (DBusTypeReader *reader, const DBusString *type_str, int type_pos) { - reader->klass = &body_types_only_reader_class; - reader_init (reader, DBUS_COMPILER_BYTE_ORDER /* irrelevant */, type_str, type_pos, NULL, _DBUS_INT_MAX /* crashes if we screw up */); + reader->klass = &body_types_only_reader_class; + #if RECURSIVE_MARSHAL_READ_TRACE _dbus_verbose (" type reader %p init types only type_pos = %d remaining sig '%s'\n", reader, reader->type_pos, @@ -988,6 +989,7 @@ void _dbus_type_reader_recurse (DBusTypeReader *reader, DBusTypeReader *sub) { + const DBusTypeReaderClass *klass; int t; t = _dbus_first_type_in_signature (reader->type_str, reader->type_pos); @@ -996,27 +998,27 @@ _dbus_type_reader_recurse (DBusTypeReader *reader, { case DBUS_TYPE_STRUCT: if (reader->klass->types_only) - sub->klass = &struct_types_only_reader_class; + klass = &struct_types_only_reader_class; else - sub->klass = &struct_reader_class; + klass = &struct_reader_class; break; case DBUS_TYPE_DICT_ENTRY: if (reader->klass->types_only) - sub->klass = &dict_entry_types_only_reader_class; + klass = &dict_entry_types_only_reader_class; else - sub->klass = &dict_entry_reader_class; + klass = &dict_entry_reader_class; break; case DBUS_TYPE_ARRAY: if (reader->klass->types_only) - sub->klass = &array_types_only_reader_class; + klass = &array_types_only_reader_class; else - sub->klass = &array_reader_class; + klass = &array_reader_class; break; case DBUS_TYPE_VARIANT: if (reader->klass->types_only) _dbus_assert_not_reached ("can't recurse into variant typecode"); else - sub->klass = &variant_reader_class; + klass = &variant_reader_class; break; default: _dbus_verbose ("recursing into type %s\n", _dbus_type_to_string (t)); @@ -1028,9 +1030,10 @@ _dbus_type_reader_recurse (DBusTypeReader *reader, _dbus_assert_not_reached ("don't yet handle recursing into this type"); } - _dbus_assert (sub->klass == all_reader_classes[sub->klass->id]); + _dbus_assert (klass == all_reader_classes[klass->id]); - (* sub->klass->recurse) (sub, reader); + (* klass->recurse) (sub, reader); + sub->klass = klass; #if RECURSIVE_MARSHAL_READ_TRACE _dbus_verbose (" type reader %p RECURSED type_pos = %d value_pos = %d remaining sig '%s'\n", |