dbus/object_proxy.cc - Issue 11199007: Add sender verification of D-Bus signals.

Side by Side Diff: dbus/object_proxy.cc

Issue 11199007: Add sender verification of D-Bus signals. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master

Patch Set: Created 8 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "dbus/bus.h"	5 #include "dbus/bus.h"

6	6

7 #include "base/bind.h"	7 #include "base/bind.h"

8 #include "base/logging.h"	8 #include "base/logging.h"

9 #include "base/message_loop.h"	9 #include "base/message_loop.h"

10 #include "base/metrics/histogram.h"	10 #include "base/metrics/histogram.h"

11 #include "base/string_piece.h"	11 #include "base/string_piece.h"

12 #include "base/stringprintf.h"	12 #include "base/stringprintf.h"

13 #include "base/threading/thread.h"	13 #include "base/threading/thread.h"

14 #include "base/threading/thread_restrictions.h"	14 #include "base/threading/thread_restrictions.h"

15 #include "dbus/message.h"	15 #include "dbus/message.h"

16 #include "dbus/object_path.h"	16 #include "dbus/object_path.h"

17 #include "dbus/object_proxy.h"	17 #include "dbus/object_proxy.h"

18 #include "dbus/scoped_dbus_error.h"	18 #include "dbus/scoped_dbus_error.h"

19	19

20 namespace {	20 namespace {

21	21

22 const char kErrorServiceUnknown[] = "org.freedesktop.DBus.Error.ServiceUnknown";	22 const char kErrorServiceUnknown[] = "org.freedesktop.DBus.Error.ServiceUnknown";

23	23

24 // Used for success ratio histograms. 1 for success, 0 for failure.	24 // Used for success ratio histograms. 1 for success, 0 for failure.

25 const int kSuccessRatioHistogramMaxValue = 2;	25 const int kSuccessRatioHistogramMaxValue = 2;

26	26

	27 const dbus::ObjectPath kDbusSystemObjectPath("/org/freedesktop/DBus");
	satorux1 2012/10/22 04:50:42 ObjectPath may be POD but we should avoid doing th ObjectPath may be POD but we should avoid doing this. Please use const char[] instead. http://google-styleguide.googlecode.com/svn/trunk/cppguide.xml?showone=Static... Haruki Sato 2012/10/24 08:28:05 Done. Thanks! Show quoted text On 2012/10/22 04:50:42, satorux1 wrote: > ObjectPath may be POD but we should avoid doing this. Please use const char[] > instead. > > http://google-styleguide.googlecode.com/svn/trunk/cppguide.xml?showone=Static... Done. Thanks!
	28

27 // Gets the absolute signal name by concatenating the interface name and	29 // Gets the absolute signal name by concatenating the interface name and

28 // the signal name. Used for building keys for method_table_ in	30 // the signal name. Used for building keys for method_table_ in

29 // ObjectProxy.	31 // ObjectProxy.

30 std::string GetAbsoluteSignalName(	32 std::string GetAbsoluteSignalName(

31 const std::string& interface_name,	33 const std::string& interface_name,

32 const std::string& signal_name) {	34 const std::string& signal_name) {

33 return interface_name + "." + signal_name;	35 return interface_name + "." + signal_name;

34 }	36 }

35	37

36 // An empty function used for ObjectProxy::EmptyResponseCallback().	38 // An empty function used for ObjectProxy::EmptyResponseCallback().

(...skipping 313 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
350 if (bus_->Connect() && bus_->SetUpAsyncOperations()) {	352 if (bus_->Connect() && bus_->SetUpAsyncOperations()) {

351 // We should add the filter only once. Otherwise, HandleMessage() will	353 // We should add the filter only once. Otherwise, HandleMessage() will

352 // be called more than once.	354 // be called more than once.

353 if (!filter_added_) {	355 if (!filter_added_) {

354 if (bus_->AddFilterFunction(&ObjectProxy::HandleMessageThunk, this)) {	356 if (bus_->AddFilterFunction(&ObjectProxy::HandleMessageThunk, this)) {

355 filter_added_ = true;	357 filter_added_ = true;

356 } else {	358 } else {

357 LOG(ERROR) << "Failed to add filter function";	359 LOG(ERROR) << "Failed to add filter function";

358 }	360 }

359 }	361 }

	362

	363 // Add a match_rule listening NameOwnerChanged for the well-known name

	364 // \|service_name_\|.

	365 const std::string name_owner_changed_match_rule =

	366 base::StringPrintf(

	367 "type='signal',interface='org.freedesktop.DBus',"

	368 "member='NameOwnerChanged',path='/org/freedesktop/DBus',"

	369 "sender='org.freedesktop.DBus',arg0='%s'",

	370 service_name_.c_str());

360 // Add a match rule so the signal goes through HandleMessage().	371 // Add a match rule so the signal goes through HandleMessage().

361 const std::string match_rule =	372 const std::string match_rule =

362 base::StringPrintf("type='signal', interface='%s', path='%s'",	373 base::StringPrintf("type='signal', interface='%s', path='%s'",

363 interface_name.c_str(),	374 interface_name.c_str(),

364 object_path_.value().c_str());	375 object_path_.value().c_str());

365	376

366 // Add the match rule if we don't have it.	377 success = AddMatchRuleAndCallback(match_rule, absolute_signal_name,

367 if (match_rules_.find(match_rule) == match_rules_.end()) {	378 signal_callback) &&
	satorux1 2012/10/22 04:50:42 when parameters don't fit in one line, please alig when parameters don't fit in one line, please align them vertically. Haruki Sato 2012/10/24 08:28:05 Done. Show quoted text On 2012/10/22 04:50:42, satorux1 wrote: > when parameters don't fit in one line, please align them vertically. Done.
368 ScopedDBusError error;	379 AddMatchRuleWithoutCallback(

369 bus_->AddMatch(match_rule, error.get());;	380 name_owner_changed_match_rule,

370 if (error.is_set()) {	381 "org.freedesktop.DBus.NameOwnerChanged");
	satorux1 2012/10/22 04:50:42 Looks a bit tricky. Please do if (AddMatchRuleAnd Looks a bit tricky. Please do if (AddMatchRuleAndCallback(..) && AddMatchRuleWithoutCallback(...)) { success = true; } Haruki Sato 2012/10/24 08:28:05 Done. Show quoted text On 2012/10/22 04:50:42, satorux1 wrote: > Looks a bit tricky. Please do > > if (AddMatchRuleAndCallback(..) && > AddMatchRuleWithoutCallback(...)) { > success = true; > } Done.
371 LOG(ERROR) << "Failed to add match rule: " << match_rule;

372 } else {

373 // Store the match rule, so that we can remove this in Detach().

374 match_rules_.insert(match_rule);

375 // Add the signal callback to the method table.

376 method_table_[absolute_signal_name] = signal_callback;

377 success = true;

378 }

379 } else {

380 // We already have the match rule.

381 method_table_[absolute_signal_name] = signal_callback;

382 success = true;

383 }

384 }	382 }

385	383

386 // Run on_connected_callback in the origin thread.	384 // Run on_connected_callback in the origin thread.

387 bus_->PostTaskToOriginThread(	385 bus_->PostTaskToOriginThread(

388 FROM_HERE,	386 FROM_HERE,

389 base::Bind(&ObjectProxy::OnConnected,	387 base::Bind(&ObjectProxy::OnConnected,

390 this,	388 this,

391 on_connected_callback,	389 on_connected_callback,

392 interface_name,	390 interface_name,

393 signal_name,	391 signal_name,

(...skipping 20 matching lines...) Expand all Loading...
414 // reference so we can use it in Signal.	412 // reference so we can use it in Signal.

415 dbus_message_ref(raw_message);	413 dbus_message_ref(raw_message);

416 scoped_ptr<Signal> signal(	414 scoped_ptr<Signal> signal(

417 Signal::FromRawMessage(raw_message));	415 Signal::FromRawMessage(raw_message));

418	416

419 // Verify the signal comes from the object we're proxying for, this is	417 // Verify the signal comes from the object we're proxying for, this is

420 // our last chance to return DBUS_HANDLER_RESULT_NOT_YET_HANDLED and	418 // our last chance to return DBUS_HANDLER_RESULT_NOT_YET_HANDLED and

421 // allow other object proxies to handle instead.	419 // allow other object proxies to handle instead.

422 const dbus::ObjectPath path = signal->GetPath();	420 const dbus::ObjectPath path = signal->GetPath();

423 if (path != object_path_) {	421 if (path != object_path_) {

	422 if (path == kDbusSystemObjectPath &&

	423 signal->GetMember() == "NameOwnerChanged") {

	424 // Handle NameOwnerChanged separately

	425 return HandleNameOwnerChanged(signal.get());

	426 }

424 return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;	427 return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;

425 }	428 }

426	429

427 const std::string interface = signal->GetInterface();	430 const std::string interface = signal->GetInterface();

428 const std::string member = signal->GetMember();	431 const std::string member = signal->GetMember();

429	432

430 // Check if we know about the signal.	433 // Check if we know about the signal.

431 const std::string absolute_signal_name = GetAbsoluteSignalName(	434 const std::string absolute_signal_name = GetAbsoluteSignalName(

432 interface, member);	435 interface, member);

433 MethodTable::const_iterator iter = method_table_.find(absolute_signal_name);	436 MethodTable::const_iterator iter = method_table_.find(absolute_signal_name);

434 if (iter == method_table_.end()) {	437 if (iter == method_table_.end()) {

435 // Don't know about the signal.	438 // Don't know about the signal.

436 return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;	439 return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;

437 }	440 }

438 VLOG(1) << "Signal received: " << signal->ToString();	441 VLOG(1) << "Signal received: " << signal->ToString();

439	442

	443 std::string sender = signal->GetSender();

	444 if (service_name_owner_.empty()) {

	445 UpdateNameOwner();

	446 }

	447

	448 if (service_name_owner_ != sender) {

	449 LOG(ERROR) << "Rejecting a message from a wrong sender.";

	450 UMA_HISTOGRAM_COUNTS("DBus.RejectedSignalCount", 1);

	451 return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;

	452 }

	453

440 const base::TimeTicks start_time = base::TimeTicks::Now();	454 const base::TimeTicks start_time = base::TimeTicks::Now();

441 if (bus_->HasDBusThread()) {	455 if (bus_->HasDBusThread()) {

442 // Post a task to run the method in the origin thread.	456 // Post a task to run the method in the origin thread.

443 // Transfer the ownership of \|signal\| to RunMethod().	457 // Transfer the ownership of \|signal\| to RunMethod().

444 // \|released_signal\| will be deleted in RunMethod().	458 // \|released_signal\| will be deleted in RunMethod().

445 Signal* released_signal = signal.release();	459 Signal* released_signal = signal.release();

446 bus_->PostTaskToOriginThread(FROM_HERE,	460 bus_->PostTaskToOriginThread(FROM_HERE,

447 base::Bind(&ObjectProxy::RunMethod,	461 base::Bind(&ObjectProxy::RunMethod,

448 this,	462 this,

449 start_time,	463 start_time,

(...skipping 58 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
508 std::string error_message;	522 std::string error_message;

509 reader.PopString(&error_message);	523 reader.PopString(&error_message);

510 LogMethodCallFailure(interface_name,	524 LogMethodCallFailure(interface_name,

511 method_name,	525 method_name,

512 error_response->GetErrorName(),	526 error_response->GetErrorName(),

513 error_message);	527 error_message);

514 }	528 }

515 response_callback.Run(NULL);	529 response_callback.Run(NULL);

516 }	530 }

517	531

	532 bool ObjectProxy::AddMatchRuleWithoutCallback(
	satorux1 2012/10/22 05:23:32 The order does not match with .h file? The order does not match with .h file? Haruki Sato 2012/10/24 08:28:05 Done. Show quoted text On 2012/10/22 05:23:32, satorux1 wrote: > The order does not match with .h file? Done.
	533 std::string match_rule, std::string absolute_signal_name) {
	satorux1 2012/10/22 05:23:32 Please add this: bus_->AssertOnDBusThread(); Please add this: bus_->AssertOnDBusThread(); Haruki Sato 2012/10/24 08:28:05 Done. Thanks. Show quoted text On 2012/10/22 05:23:32, satorux1 wrote: > Please add this: > > bus_->AssertOnDBusThread(); Done. Thanks.
	534 if (match_rules_.find(match_rule) == match_rules_.end()) {
	satorux1 2012/10/22 05:23:32 maybe: if (match_rules_.find(match_rule) == match maybe: if (match_rules_.find(match_rule) == match_rules_.end()) return true; This will save one-indentation level. Haruki Sato 2012/10/24 08:28:05 Done. Thanks! Show quoted text On 2012/10/22 05:23:32, satorux1 wrote: > maybe: > > if (match_rules_.find(match_rule) == match_rules_.end()) > return true; > > This will save one-indentation level. Done. Thanks!
	535 ScopedDBusError error;

	536 bus_->AddMatch(match_rule, error.get());

	537 if (error.is_set()) {

	538 LOG(ERROR) << "Failed to add match rule \"" << match_rule << "\". Got " <<

	539 error.name() << ": " << error.message();

	540 return false;

	541 } else {

	542 // Store the match rule, so that we can remove this in Detach().

	543 match_rules_.insert(match_rule);

	544 }

	545 }

	546 return true;

	547 }

	548

	549 bool ObjectProxy::AddMatchRuleAndCallback(std::string match_rule,
	satorux1 2012/10/22 05:23:32 And -> With? And -> With? Haruki Sato 2012/10/24 08:28:05 Done. Show quoted text On 2012/10/22 05:23:32, satorux1 wrote: > And -> With? Done.
	550 std::string absolute_signal_name,

	551 SignalCallback signal_callback) {
	satorux1 2012/10/22 05:23:32 Please add this: bus_->AssertOnDBusThread(); Please add this: bus_->AssertOnDBusThread(); Haruki Sato 2012/10/24 08:28:05 Done. Show quoted text On 2012/10/22 05:23:32, satorux1 wrote: > Please add this: > > bus_->AssertOnDBusThread(); Done.
	552 if (match_rules_.find(match_rule) == match_rules_.end()) {

	553 ScopedDBusError error;

	554 bus_->AddMatch(match_rule, error.get());

	555 if (error.is_set()) {

	556 LOG(ERROR) << "Failed to add match rule \"" << match_rule << "\". Got " <<

	557 error.name() << ": " << error.message();

	558 return false;

	559 } else {

	560 // Store the match rule, so that we can remove this in Detach().

	561 match_rules_.insert(match_rule);

	562 // Add the signal callback to the method table.

	563 method_table_[absolute_signal_name] = signal_callback;

	564 return true;

	565 }

	566 } else {

	567 // We already have the match rule.

	568 method_table_[absolute_signal_name] = signal_callback;

	569 return true;

	570 }

	571 }

	572

	573 bool ObjectProxy::UpdateNameOwner() {
	satorux1 2012/10/22 05:23:32 Please add this: bus_->AssertOnDBusThread(); Please add this: bus_->AssertOnDBusThread(); Haruki Sato 2012/10/24 08:28:05 Done. Show quoted text On 2012/10/22 05:23:32, satorux1 wrote: > Please add this: > > bus_->AssertOnDBusThread(); Done.
	574 MethodCall get_name_owner_call("org.freedesktop.DBus", "GetNameOwner");

	575 MessageWriter writer(&get_name_owner_call);

	576 writer.AppendString(service_name_);

	577 VLOG(1) << "Method call: " << get_name_owner_call.ToString();

	578

	579 const dbus::ObjectPath obj_path("/org/freedesktop/DBus");

	580 ScopedDBusError error;

	581 if (!get_name_owner_call.SetDestination("org.freedesktop.DBus") \|\|

	582 !get_name_owner_call.SetPath(obj_path)) {

	583 LOG(ERROR) << "Failed to get name owner.";

	584 return false;

	585 }

	586

	587 DBusMessage* response_message = bus_->SendWithReplyAndBlock(

	588 get_name_owner_call.raw_message(), 1000, error.get());
	satorux1 2012/10/22 05:23:32 what's 1000? please define a constant. what's 1000? please define a constant. Haruki Sato 2012/10/24 08:28:05 Done. Thanks. Show quoted text On 2012/10/22 05:23:32, satorux1 wrote: > what's 1000? please define a constant. Done. Thanks.
	589 if (!response_message) {

	590 LOG(ERROR) << "Failed to get name owner. Got " << error.name() << ": " <<

	591 error.message();

	592 return false;

	593 }

	594 scoped_ptr<Response> response(Response::FromRawMessage(response_message));

	595 MessageReader reader(response.get());

	596 reader.PopString(&service_name_owner_);
	satorux1 2012/10/22 05:23:32 It's not guaranteed that PopString() succeeds. Ple It's not guaranteed that PopString() succeeds. Please check the return value: return reader.PopString(&service_name_owner_); Haruki Sato 2012/10/24 08:28:05 Done. Show quoted text On 2012/10/22 05:23:32, satorux1 wrote: > It's not guaranteed that PopString() succeeds. Please check the return value: > > return reader.PopString(&service_name_owner_); Done.
	597 return true;

	598 }

	599

	600 DBusHandlerResult ObjectProxy::HandleNameOwnerChanged(Signal* signal) {
	satorux1 2012/10/22 05:23:32 Please put: bus_->AssertOnDBusThread(); DCHECK(si Please put: bus_->AssertOnDBusThread(); DCHECK(signal); Haruki Sato 2012/10/24 08:28:05 Done. Show quoted text On 2012/10/22 05:23:32, satorux1 wrote: > Please put: > > bus_->AssertOnDBusThread(); > DCHECK(signal); Done.
	601 // Confirm the validity of the NameOwnerChanged signal.

	602 if (signal->GetMember() == "NameOwnerChanged" &&

	603 signal->GetInterface() == "org.freedesktop.DBus" &&

	604 signal->GetSender() == "org.freedesktop.DBus") {

	605 MessageReader reader(signal);

	606 std::string name, old_owner, new_owner;

	607 reader.PopString(&name);

	608 reader.PopString(&old_owner);

	609 reader.PopString(&new_owner);
	satorux1 2012/10/22 05:23:32 Please check return value of PopString() Please check return value of PopString() Haruki Sato 2012/10/24 08:28:05 Done. Show quoted text On 2012/10/22 05:23:32, satorux1 wrote: > Please check return value of PopString() Done.
	610 if (name == service_name_) {

	611 service_name_owner_ = new_owner;

	612 return DBUS_HANDLER_RESULT_HANDLED;

	613 }

	614 }

	615

	616 // Untrusted or uninteresting signal

	617 return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;

	618 }

	619

518 } // namespace dbus	620 } // namespace dbus

OLD	NEW

« dbus/object_proxy.h ('K') | « dbus/object_proxy.h ('k') | dbus/signal_sender_verification_unittest.cc » ('j') | dbus/signal_sender_verification_unittest.cc » ('J')