Commit Graph

42 Commits

Author SHA1 Message Date
Philip Withnall
7cca4b1590 gdbusmessage: Validate required headers have the right type
We already validated that the required headers for each type of D-Bus
message were present. However, we didn’t validate that they contained a
variant of the right type. This could lead to functions like
`g_dbus_message_get_path()` returning `NULL` unexpectedly.

This failure could only be hit when using GDBus in peer-to-peer mode, or
with a D-Bus server which didn’t validate the headers itself. The
reference D-Bus server does validate the headers, and doesn’t forward
invalid messages to clients.

Signed-off-by: Philip Withnall <philip@tecnocode.co.uk>

Fixes: #3061
2023-08-28 11:11:37 +01:00
Philip Withnall
fd27c8dc6e tests: Add G_TEST_OPTION_ISOLATE_DIRS to almost all gdbus tests
This is a spiritual follow-up to commit 8cff531520, which
added `G_TEST_OPTION_ISOLATE_DIRS` to the `gdbus-connection-flush` test
to avoid its D-Bus cookie lock file from being erroneously deleted by
other tests running in parallel.

The same failure mode could affect any of the other D-Bus tests which
connect to a bus. As an easy fix, enable `G_TEST_OPTION_ISOLATE_DIRS`
for all of them.

The only test it’s not (yet) enabled for is `gdbus-address-get-session`
as that messes around with `XDG_RUNTIME_DIR` to test finding the session
bus. It might be possible to use `G_TEST_OPTION_ISOLATE_DIRS` with it,
but that would take longer than I have right now.

In any case, the more tests (which try to connect to a bus) that this is
enabled for, the lower the chances of spurious test failure due to them
conflicting over shared resources.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2022-11-23 11:15:20 +00:00
Philip Withnall
c613d32b92 tests: Add SPDX license headers automatically
Add SPDX license (but not copyright) headers to all files which follow a
certain pattern in their existing non-machine-readable header comment.

This commit was entirely generated using the command:
```
git ls-files gio/tests/*.c | xargs perl -0777 -pi -e 's/\n \*\n \* This library is free software; you can redistribute it and\/or\n \* modify it under the terms of the GNU Lesser General Public/\n \*\n \* SPDX-License-Identifier: LGPL-2.1-or-later\n \*\n \* This library is free software; you can redistribute it and\/or\n \* modify it under the terms of the GNU Lesser General Public/igs'
```

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #1415
2022-05-18 09:20:07 +01:00
Sebastian Wilhelmi
6499ad5356 gdbusmessage: Disallow empty structures/tuples in D-Bus messages
They are disallowed in the specification:
https://dbus.freedesktop.org/doc/dbus-specification.html#container-types

Helps: #2557
2022-01-26 13:04:49 +00:00
Philip Withnall
1f8390c002 gdbusmessage: Remove arbitrary restriction on minimum D-Bus blob length
The code in `g_dbus_message_new_from_blob()` has now been fixed to
correctly error out on all truncated messages, so there’s no need for an
arbitrary programmer error if the input is too short to contain a valid
D-Bus message header.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #2528
2021-11-23 12:57:29 +00:00
Sebastian Wilhelmi
c58be7d569 tests: Add test cases for truncated D-Bus messages
(Minor code formatting tweaks and leak fixes by Philip Withnall.)

Helps: #2528
2021-11-23 12:55:00 +00:00
Philip Withnall
7e9585177d tests: Drop use of g_test_bug_base()
Include the base URI in the `g_test_bug()` calls instead. This resolves
inconsistencies between the old bug base (bugzilla.gnome.org) and the
new bug base (gitlab.gnome.org). It also has the advantage that the URI
passed to `g_test_bug()` is now clickable in the code editor, rather
than being split across two locations.

See https://gitlab.gnome.org/GNOME/glib/-/merge_requests/275#note_303175

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2021-05-13 22:16:27 +01:00
Simon McVittie
de87bcf7ff gdbus-serialization: Don't leak string containing first serialization
We format the message into a string twice, once for each byte-order,
but only return the one corresponding to the last byte-order to the
caller. This means we need to free the first one.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2021-01-28 21:39:23 +00:00
Philip Withnall
f936bba0d1 tests: Improve validity of binary GDBusMessage parsing tests
These tests were originally written using the output directly from a
fuzzer which had triggered the bugs we’re testing for. However, that
means they’re liable to no longer test what they’re intended to test if
the `GDBusMessage` parsing code is changed to (for example) check for
certain errors earlier in future.

It’s better to only have one invalidity in each binary blob, so change
the test messages to all be valid apart from the specific thing they’re
testing for.

The changes were based on reading the D-Bus specification directly:
https://dbus.freedesktop.org/doc/dbus-specification.html

During these changes I found one problem in
`test_message_parse_deep_header_nesting()` where it wasn’t actually
nesting variants in the header deeply enough to trigger the bug it was
supposed to be testing for. Fixed that.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #1963
2020-11-18 13:19:13 +00:00
Simon McVittie
44c004c84e Normalize C source files to end with exactly one newline
Some editors automatically remove trailing blank lines, or
automatically add a trailing newline to avoid having a trailing
non-blank line that is not terminated by a newline. To avoid unrelated
whitespace changes when users of such editors contribute to GLib,
let's pre-emptively normalize all files.

Unlike more intrusive whitespace normalization like removing trailing
whitespace from each line, this seems unlikely to cause significant
issues with cherry-picking changes to stable branches.

Implemented by:

    find . -name '*.[ch]' -print0 | \
    xargs -0 perl -0777 -p -i -e 's/\n+\z//g; s/\z/\n/g'

Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-06-10 09:48:02 +01:00
Philip Withnall
5054b48b7c gdbusmessage: Limit recursion of variants in D-Bus messages
This is the analogue of commit 7c4e6e9fbe, but applied to the
`GDBusMessage` parser, which does its own top-level parsing of the
variant format in D-Bus messages.

Previously, this code allowed arbitrary recursion of variant containers,
which could lead to a stack overflow. Now, that recursion is limited to
64 levels, as per the D-Bus specification:

https://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-marshaling-signature

This includes a new unit test.

oss-fuzz#14870

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-11-18 17:53:55 +00:00
Philip Withnall
de2236584d tests: Tidy up test case naming in gdbus-serialization test
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-11-15 10:12:59 +00:00
Philip Withnall
d289ef449b tests: Port various tests to use g_assert_cmpvariant()
This should improve test error reporting a little.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-12-14 15:04:11 +00:00
Philip Withnall
0ff5e5cd32 gdbusmessage: Gracefully handle message signatures with invalid types
With the changes to limit GVariant type nesting (commit 7c4e6e9fbe),
it’s now possible to have a valid type signature which is not a valid
GVariant type when enclosed in parentheses (to make it a tuple).

Check for that when parsing the signature field in a D-Bus message.

Includes a unit test.

oss-fuzz#11120

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-11-15 09:22:38 +00:00
Philip Withnall
8e60b3dde0 tests: Use g_assert_null() in gdbus-serialization test
This introduces no real functional changes (except when compiling with
G_DISABLE_ASSERT, in which case it fixes the test). Mostly just a code
cleanup.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-10-23 17:01:51 +13:00
Philip Withnall
c2c9c7fa3b tests: Tidy up GError handling in gdbus-serialization test
This introduces no functional changes; just a bit of code tidying.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-10-23 17:01:51 +13:00
Philip Withnall
e03d5a335b gdbusmessage: Check for valid GVariantType when parsing a variant blob
The code was checking whether the signature provided by the blob was a
valid D-Bus signature — but that’s a superset of a valid GVariant type
string, since a D-Bus signature is zero or more complete types. A
GVariant type string is exactly one complete type.

This meant that a D-Bus message with a header field containing a variant
with an empty type signature (for example) could cause a critical
warning in the code parsing it.

Fix that by checking whether the string is a valid type string too.

Unit test included.

oss-fuzz#9810

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-10-23 17:01:51 +13:00
Philip Withnall
af712bbce1 gdbusmessage: Validate type of message header signature field
Parsing a D-Bus message with the signature field in the message header
of type other than ‘g’ (GVariant type signature) would cause a critical
warning. Instead, we should return a runtime error.

Includes a test.

oss-fuzz#9825

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-10-23 17:01:51 +13:00
Руслан Ижбулатов
ad3694b82a Enable GIO tests on Windows
1) Remove the non-Windows-only condition for subdir('tests').
2) Add libiphlpapi, libws2_32 and libsecur32 deps, needed for W32 tests.
3) Remove the -no-undefined argument (gcc doesn't understand it,
   it *does* understand -Wl,-no-undefined; either way, the test
   compiles without this argument just fine; maybe meson adds it
   by itself - you can hardly build shared modules without it).
4) Add or fix a number of includes
5) Disable gdbus-objectmanager tests when building with MSVC
   (right now these tests don't work on Windows anyway, so the fact
    that MSVC can't even build them properly is irrelevant;
    most likely gdbus-codegen needs changes to put _GLIB_EXTERN
    before each function)
2018-09-12 15:42:11 +00:00
Ting-Wei Lan
6f2b3503a5 tests: Set both environment variable and locale when running tests
Non-glibc gettext implementation seems to decide the language from
LC_MESSAGES environment variable instead of LC_MESSAGES locale, so
we should set both environment variable and locale when running tests
which need translation from specific languages.
2018-06-09 02:40:01 +08:00
Sébastien Wilmet
d9a44b66af gio/tests/: LGPLv2+ -> LGPLv2.1+
A lot of tests in gio/tests/ don't have a license header.

https://bugzilla.gnome.org/show_bug.cgi?id=776504
2017-05-29 19:53:34 +02:00
Simon McVittie
663e12feca gdbus-serialization test: don't left-shift a negative number
-2LL<<34 is undefined, because left-shifting a negative number is
undefined (it was implementation-defined behaviour in C99, but
is formally undefined in C11). The undefined behaviour sanitizer
picks this up.

Signed-off-by: Simon McVittie <smcv@debian.org>
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=775510
Reviewed-by: Colin Walters
2016-12-02 19:10:41 +00:00
Simon McVittie
f42d2c1b54 gdbus-serialization: use check_serialization() instead of dbus-daemon
This test originally did not connect to the bus, which meant it was
omitted from commits like 415a8d81 that made sure none of GLib tests
rely on the presence of an existing session bus. (In particular,
Debian autobuilders don't have a session bus.)

When test_double_array() was added, environments like the Debian
autobuilders didn't catch the fact that this test relied on having a
session bus, because it is often skipped in minimal environments
due to its libdbus-1 dependency.

We don't actually need to connect to a dbus-daemon here: it's enough
to convert the message from GVariant to D-Bus serialization, and
back into an in-memory representation through libdbus. That's what
check_serialization() does, and I've verified that when I re-introduce
bug #732754 by reverting commits 627b49b and 2268628 locally, this
test still fails.

Bug: https://bugzilla.gnome.org/show_bug.cgi?id=744895
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Reviewed-by: Colin Walters <walters@verbum.org>
2015-05-08 16:03:57 +01:00
Philip Withnall
c62f7a7d68 tests: Fix various minor memory leaks in gdbus-serialization 2015-04-21 23:55:49 +01:00
Stef Walter
b6c1d696a9 gio: Add regression test for double array encoding
https://bugzilla.gnome.org/show_bug.cgi?id=732754
2014-07-23 15:44:40 +02:00
Daniel Mustieles
078dbda148 Updated FSF's address 2014-01-31 14:31:55 +01:00
Dan Winship
4b94c0831e Use 'dumb quotes' rather than `really dumb quotes'
Back in the far-off twentieth century, it was normal on unix
workstations for U+0060 GRAVE ACCENT to be drawn as "‛" and for U+0027
APOSTROPHE to be drawn as "’". This led to the convention of using
them as poor-man's ‛smart quotes’ in ASCII-only text.

However, "'" is now universally drawn as a vertical line, and "`" at a
45-degree angle, making them an `odd couple' when used together.

Unfortunately, there are lots of very old strings in glib, and also
lots of new strings in which people have kept up the old tradition,
perhaps entirely unaware that it used to not look stupid.

Fix this by just using 'dumb quotes' everywhere.

https://bugzilla.gnome.org/show_bug.cgi?id=700746
2013-05-21 11:23:22 -03:00
Ryan Lortie
1dc774a653 Remove g_type_init() calls
Very many testcases, some GLib tools (resource compiler, etc) and
GApplication were calling g_type_init().

Remove those uses, as they are no longer required.

https://bugzilla.gnome.org/show_bug.cgi?id=686161
2012-10-16 09:39:24 -04:00
Will Thompson
c037879bd1 gdbus: test case for 673612
When presented with an array of empty arrays of 8-byte-aligned types,
GDBus would incorrectly apply the 8-byte alignment when reading back.

https://bugzilla.gnome.org/show_bug.cgi?id=673612

Signed-off-by: David Zeuthen <davidz@redhat.com>
2012-04-10 16:39:49 -04:00
Colin Walters
01602e1695 Fix some compiler warnings from gcc 4.6 2011-04-15 15:51:25 -04:00
Simon McVittie
c2387ddff1 /gdbus/message-serialize-invalid test: be compatible with D-Bus 1.4.8
Older versions of libdbus would let you construct an invalid
DBusMessage, but that's a bug, which will be fixed in 1.4.8/1.5.0.
Instead, construct a valid message of the same length, then replace
substrings in the serialized blob with their invalid counterparts.

Bug: https://bugzilla.gnome.org/show_bug.cgi?id=646326

Signed-off-by: David Zeuthen <davidz@redhat.com>
2011-04-15 06:00:16 -04:00
David Zeuthen
89a1b571ad GDBusMessage: Validate header fields when serializing/deserializing
The D-Bus spec mentions exactly what header fields are required for
various message types. Add tests for this as well.

Also disallow empty interfaces for signals since the D-Bus spec says
this is Verboten already.

Signed-off-by: David Zeuthen <davidz@redhat.com>
2010-08-04 14:38:51 -04:00
David Zeuthen
6f070be65b GDBusMessage: Add a way to get/set byte order of a message
Also use this in the test cases to check that serialization to and
from both big and little endian works.

Signed-off-by: David Zeuthen <davidz@redhat.com>
2010-08-04 13:34:14 -04:00
David Zeuthen
5bd34a820e GDBusMessage: Validate UTF-8 strings when serializing from blob
Signed-off-by: David Zeuthen <davidz@redhat.com>
2010-08-04 11:26:48 -04:00
David Zeuthen
2be167f57c GDBus: Add support for D-Bus type 'h' (ie. G_VARIANT_TYPE_HANDLE)
This allows sending and receiving D-Bus messages with instances of the
'h' D-Bus type. Unlike libdbus-1's dbus_message_iter_get_basic()
method, g_variant_get_handle() does not return a duplicated unix file
descriptor (that must be closed with close(2)) - instead, it returns
an index that can be used to get/dup the file descriptor from a
GUnixFDList object that can be obtained from the GDBusMessage object.

Signed-off-by: David Zeuthen <davidz@redhat.com>
2010-07-20 11:38:23 -04:00
David Zeuthen
48b1fe948c Bug 623810 – Message serialization bug
https://bugzilla.gnome.org/show_bug.cgi?id=623810

Signed-off-by: David Zeuthen <davidz@redhat.com>
2010-07-15 12:20:30 -04:00
David Zeuthen
79d32c2fc1 GDBusMessage: Fix bug when deserializing a message
See https://bugzilla.gnome.org/show_bug.cgi?id=621838 for the whole
story. The problem was that we ended up reading data from arrays of
arrays when we were just supposed to be aligning the buffers.

Also add a host of debug infrastructure that was needed to find the
root cause. For now it can be turned on only via defining
DEBUG_SERIALIZER. In the future we might want to make it work via
G_DBUS_DEBUG. In a nutshell, the added debug info looks like this

Parsing blob (blob_len = 0x0084 bytes)
  0000: 6c 01 00 01  3c 00 00 00  41 00 00 00  37 00 00 00    l...<...A...7...
  0010: 08 01 67 00  08 61 61 79  61 7b 73 76  7d 00 00 00    ..g..aaya{sv}...
  0020: 01 01 6f 00  08 00 00 00  2f 66 6f 6f  2f 62 61 72    ..o...../foo/bar
  0030: 00 00 00 00  00 00 00 00  03 01 73 00  06 00 00 00    ..........s.....
  0040: 4d 65 6d 62  65 72 00 00  00 00 00 00  34 00 00 00    Member......4...
  0050: 03 00 00 00  63 77 64 00  01 73 00 00  23 00 00 00    ....cwd..s..#...
  0060: 2f 68 6f 6d  65 2f 64 61  76 69 64 7a  2f 48 61 63    /home/davidz/Hac
  0070: 6b 69 6e 67  2f 67 6c 69  62 2f 67 69  6f 2f 74 65    king/glib/gio/te
  0080: 73 74 73 00                                           sts.

Parsing headers (blob_len = 0x0084 bytes)
  Reading type a{yv} from offset 0x000c: array spans 0x0037 bytes
    Reading type {yv} from offset 0x0010
      Reading type y from offset 0x0010: 0x08 '
      Reading type v from offset 0x0011
        Reading type g from offset 0x0014: 'aaya{sv}'
    Reading type {yv} from offset 0x001e
      Reading type y from offset 0x0020: 0x01 ''
      Reading type v from offset 0x0021
        Reading type o from offset 0x0024: '/foo/bar'
    Reading type {yv} from offset 0x0031
      Reading type y from offset 0x0038: 0x03 ''
      Reading type v from offset 0x0039
        Reading type s from offset 0x003c: 'Member'
Parsing body (blob_len = 0x0084 bytes)
  Reading type (aaya{sv}) from offset 0x0047
    Reading type aay from offset 0x0048: array spans 0x0000 bytes
    Reading type a{sv} from offset 0x004c: array spans 0x0034 bytes
      Reading type {sv} from offset 0x0050
        Reading type s from offset 0x0050: 'cwd'
        Reading type v from offset 0x0058
          Reading type s from offset 0x005b: '/home/davidz/Hacking/glib/gio/tests'
OK

Signed-off-by: David Zeuthen <davidz@redhat.com>
2010-06-17 18:01:32 -04:00
David Zeuthen
bb6530eb34 GDBus: Fix serialization of empty arrays
It turns out that we didn't observe padding (neither when reading nor
writing) for empty arrays which (apparently) is needed according to
the D-Bus spec and reference implementation. A simple test case to
provoke this behavior is as follows (notice the lack of 4 bytes worth
of padding at position 0x0064):

 Error calling dbus_message_demarshal() on this blob: org.freedesktop.DBus.Error.InvalidArgs: Message is corrupted (Alignment padding not null)
 0000: 6c 01 00 01  2e 00 00 00  41 00 00 00  37 00 00 00    l.......A...7...
 0010: 08 01 67 00  08 73 61 7b  73 76 7d 61  73 00 00 00    ..g..sa{sv}as...
 0020: 01 01 6f 00  08 00 00 00  2f 66 6f 6f  2f 62 61 72    ..o...../foo/bar
 0030: 00 00 00 00  00 00 00 00  03 01 73 00  06 00 00 00    ..........s.....
 0040: 4d 65 6d 62  65 72 00 00  11 00 00 00  30 31 32 33    Member......0123
 0050: 34 35 36 37  38 39 30 31  32 33 34 35  36 00 00 00    4567890123456...
 0060: 00 00 00 00  0e 00 00 00  09 00 00 00  53 6f 6d 65    ............Some
 0070: 74 68 69 6e  67 00                                    thing.

 The blob was generated from the following GVariant value:
 ('01234567890123456', @a{sv} {}, ['Something'])

 If the blob was encoded using DBusMessageIter, the payload would have been:

 0000: 6c 01 00 01  32 00 00 00  41 00 00 00  36 00 00 00    l...2...A...6...
 0010: 01 01 6f 00  08 00 00 00  2f 66 6f 6f  2f 62 61 72    ..o...../foo/bar
 0020: 00 00 00 00  00 00 00 00  03 01 73 00  06 00 00 00    ..........s.....
 0030: 4d 65 6d 62  65 72 00 00  08 01 67 00  08 73 61 7b    Member....g..sa{
 0040: 73 76 7d 61  73 00 00 00  11 00 00 00  30 31 32 33    sv}as.......0123
 0050: 34 35 36 37  38 39 30 31  32 33 34 35  36 00 00 00    4567890123456...
 0060: 00 00 00 00  00 00 00 00  0e 00 00 00  09 00 00 00    ................
 0070: 53 6f 6d 65  74 68 69 6e  67 00                       Something.
 ** ERROR:gdbus-serialization.c:547:check_serialization: code should not be reached
 Aborted

and this is now in the libdbus-1-using serialization test case.

Signed-off-by: David Zeuthen <davidz@redhat.com>
2010-05-14 12:56:09 -04:00
David Zeuthen
33952347ff GDBus: Make message serialization routines take capabilities param
This is needed to e.g. allow encoding maybe types (once we add
G_DBUS_CAPABILITY_FLAGS_MAYBE_TYPES) if, and only if, that capability
has been negotiated with the peer (via authentication).
2010-05-13 14:03:58 -04:00
Matthias Clasen
728c4e38e7 More copyright year updates 2010-05-10 08:07:28 -04:00
David Zeuthen
46ce134d51 GDBus: Add new symbols to gio.symbols 2010-05-06 17:31:51 -04:00
David Zeuthen
d0a14469d0 Initial GDBus code-drop from GDBus-standalone repo
Things compile and the test-suite passes. Still need to hook up
gio.symbols and docs. There are still a bunch of TODOs left in the
sources that needs to be addressed.

Signed-off-by: David Zeuthen <davidz@redhat.com>
2010-05-06 14:21:32 -04:00