Inicio Explorar Ayuda
Registro Iniciar sesión
PUBLIC_REPOS
/
buildroot
espejo de git://git.buildroot.net/buildroot
2
1
Fork 0
Archivos
Árbol: 89fc6f1d38
Ramas Etiquetas
buildroot
/
package
/
systemd
/
0018-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch

0018-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch 2.0 KB
Histórico Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253 
  1. From febef5e18558c114f4fb7c94f6c8ed3520c50cdf Mon Sep 17 00:00:00 2001
    2. 

  2. From: Riccardo Schirone <rschiron@redhat.com>
    3. 

  3. Date: Mon, 4 Feb 2019 14:29:09 +0100
    4. 

  4. Subject: [PATCH] Refuse dbus message paths longer than BUS_PATH_SIZE_MAX
    5. 

  5.  limit.
    6. 

  6. 

  7. Even though the dbus specification does not enforce any length limit on the
    8. 

  8. path of a dbus message, having to analyze too long strings in PID1 may be
    9. 

  9. time-consuming and it may have security impacts.
    10. 

  10. 

  11. In any case, the limit is set so high that real-life applications should not
    12. 

  12. have a problem with it.
    13. 

  13. 

  14. (cherry picked from commit 61397a60d98e368a5720b37e83f3169e3eb511c4)
    15. 

  15. Signed-off-by: Baruch Siach <baruch@tkos.co.il>
    16. 

  16. ---
    17. 

  17. Upstream status: commit 61397a60d98
    18. 

  18. 

  19.  src/libsystemd/sd-bus/bus-internal.c | 2 +-
    20. 

  20.  src/libsystemd/sd-bus/bus-internal.h | 4 ++++
    21. 

  21.  2 files changed, 5 insertions(+), 1 deletion(-)
    22. 

  22. 

  23. diff --git a/src/libsystemd/sd-bus/bus-internal.c b/src/libsystemd/sd-bus/bus-internal.c
    24. 

  24. index 40acae213381..598b7f110c73 100644
    25. 

  25. --- a/src/libsystemd/sd-bus/bus-internal.c
    26. 

  26. +++ b/src/libsystemd/sd-bus/bus-internal.c
    27. 

  27. @@ -43,7 +43,7 @@ bool object_path_is_valid(const char *p) {
    28. 

  28.          if (slash)
    29. 

  29.                  return false;
    30. 

  30.  
    31. 

  31. -        return true;
    32. 

  32. +        return (q - p) <= BUS_PATH_SIZE_MAX;
    33. 

  33.  }
    34. 

  34.  
    35. 

  35.  char* object_path_startswith(const char *a, const char *b) {
    36. 

  36. diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h
    37. 

  37. index f208b294d8f1..a8d61bf72a4e 100644
    38. 

  38. --- a/src/libsystemd/sd-bus/bus-internal.h
    39. 

  39. +++ b/src/libsystemd/sd-bus/bus-internal.h
    40. 

  40. @@ -332,6 +332,10 @@ struct sd_bus {
    41. 

  41.  
    42. 

  42.  #define BUS_MESSAGE_SIZE_MAX (128*1024*1024)
    43. 

  43.  #define BUS_AUTH_SIZE_MAX (64*1024)
    44. 

  44. +/* Note that the D-Bus specification states that bus paths shall have no size limit. We enforce here one
    45. 

  45. + * anyway, since truly unbounded strings are a security problem. The limit we pick is relatively large however,
    46. 

  46. + * to not clash unnecessarily with real-life applications. */
    47. 

  47. +#define BUS_PATH_SIZE_MAX (64*1024)
    48. 

  48.  
    49. 

  49.  #define BUS_CONTAINER_DEPTH 128
    50. 

  50.  
    51. 

  51. -- 
    52. 

  52. 2.20.1
    53. 

  53.