1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2 /* dbus-marshal-validate.h  Validation routines for marshaled data
3  *
4  * Copyright (C) 2005  Red Hat, Inc.
5  *
6  * Licensed under the Academic Free License version 2.1
7  *
8  * This program is free software; you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation; either version 2 of the License, or
11  * (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  * GNU General Public License for more details.
17  *
18  * You should have received a copy of the GNU General Public License
19  * along with this program; if not, write to the Free Software
20  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
21  *
22  */
23 
24 #ifndef DBUS_MARSHAL_VALIDATE_H
25 #define DBUS_MARSHAL_VALIDATE_H
26 
27 /**
28  * @addtogroup DBusMarshal
29  *
30  * @{
31  */
32 
33 /**
34  * This is used rather than a bool for high visibility
35  */
36 typedef enum
37 {
38   DBUS_VALIDATION_MODE_WE_TRUST_THIS_DATA_ABSOLUTELY,
39   DBUS_VALIDATION_MODE_DATA_IS_UNTRUSTED
40 } DBusValidationMode;
41 
42 /**
43  * This is primarily used in unit testing, so we can verify that each
44  * invalid message is invalid for the expected reasons. Thus we really
45  * want a distinct enum value for every codepath leaving the validator
46  * functions. Enum values are specified manually for ease of debugging
47  * (so you can see the enum value given a printf)
48  */
49 typedef enum
50 {
51 #define _DBUS_NEGATIVE_VALIDITY_COUNT 4
52   DBUS_VALIDITY_UNKNOWN_OOM_ERROR = -4, /**< can't determine validity due to OOM */
53   DBUS_INVALID_FOR_UNKNOWN_REASON = -3,
54   DBUS_VALID_BUT_INCOMPLETE = -2,
55   DBUS_VALIDITY_UNKNOWN = -1,
56   DBUS_VALID = 0, /**< the data is valid */
57   DBUS_INVALID_UNKNOWN_TYPECODE = 1,
58   DBUS_INVALID_MISSING_ARRAY_ELEMENT_TYPE = 2,
59   DBUS_INVALID_SIGNATURE_TOO_LONG = 3, /* this one is impossible right now since
60                                         * you can't put a too-long value in a byte
61                                         */
62   DBUS_INVALID_EXCEEDED_MAXIMUM_ARRAY_RECURSION = 4,
63   DBUS_INVALID_EXCEEDED_MAXIMUM_STRUCT_RECURSION = 5,
64   DBUS_INVALID_STRUCT_ENDED_BUT_NOT_STARTED = 6,
65   DBUS_INVALID_STRUCT_STARTED_BUT_NOT_ENDED = 7,
66   DBUS_INVALID_STRUCT_HAS_NO_FIELDS = 8,
67   DBUS_INVALID_ALIGNMENT_PADDING_NOT_NUL = 9,
68   DBUS_INVALID_BOOLEAN_NOT_ZERO_OR_ONE = 10,
69   DBUS_INVALID_NOT_ENOUGH_DATA = 11,
70   DBUS_INVALID_TOO_MUCH_DATA = 12, /**< trailing junk makes it invalid */
71   DBUS_INVALID_BAD_BYTE_ORDER = 13,
72   DBUS_INVALID_BAD_PROTOCOL_VERSION = 14,
73   DBUS_INVALID_BAD_MESSAGE_TYPE = 15,
74   DBUS_INVALID_BAD_SERIAL = 16,
75   DBUS_INVALID_INSANE_FIELDS_ARRAY_LENGTH = 17,
76   DBUS_INVALID_INSANE_BODY_LENGTH = 18,
77   DBUS_INVALID_MESSAGE_TOO_LONG = 19,
78   DBUS_INVALID_HEADER_FIELD_CODE = 20,
79   DBUS_INVALID_HEADER_FIELD_HAS_WRONG_TYPE = 21,
80   DBUS_INVALID_USES_LOCAL_INTERFACE = 22,
81   DBUS_INVALID_USES_LOCAL_PATH = 23,
82   DBUS_INVALID_HEADER_FIELD_APPEARS_TWICE = 24,
83   DBUS_INVALID_BAD_DESTINATION = 25,
84   DBUS_INVALID_BAD_INTERFACE = 26,
85   DBUS_INVALID_BAD_MEMBER = 27,
86   DBUS_INVALID_BAD_ERROR_NAME = 28,
87   DBUS_INVALID_BAD_SENDER = 29,
88   DBUS_INVALID_MISSING_PATH = 30,
89   DBUS_INVALID_MISSING_INTERFACE = 31,
90   DBUS_INVALID_MISSING_MEMBER = 32,
91   DBUS_INVALID_MISSING_ERROR_NAME = 33,
92   DBUS_INVALID_MISSING_REPLY_SERIAL = 34,
93   DBUS_INVALID_LENGTH_OUT_OF_BOUNDS = 35,
94   DBUS_INVALID_ARRAY_LENGTH_EXCEEDS_MAXIMUM = 36,
95   DBUS_INVALID_BAD_PATH = 37,
96   DBUS_INVALID_SIGNATURE_LENGTH_OUT_OF_BOUNDS = 38,
97   DBUS_INVALID_BAD_UTF8_IN_STRING = 39,
98   DBUS_INVALID_ARRAY_LENGTH_INCORRECT = 40,
99   DBUS_INVALID_VARIANT_SIGNATURE_LENGTH_OUT_OF_BOUNDS = 41,
100   DBUS_INVALID_VARIANT_SIGNATURE_BAD = 42,
101   DBUS_INVALID_VARIANT_SIGNATURE_EMPTY = 43,
102   DBUS_INVALID_VARIANT_SIGNATURE_SPECIFIES_MULTIPLE_VALUES = 44,
103   DBUS_INVALID_VARIANT_SIGNATURE_MISSING_NUL = 45,
104   DBUS_INVALID_STRING_MISSING_NUL = 46,
105   DBUS_INVALID_SIGNATURE_MISSING_NUL = 47,
106   DBUS_INVALID_EXCEEDED_MAXIMUM_DICT_ENTRY_RECURSION = 48,
107   DBUS_INVALID_DICT_ENTRY_ENDED_BUT_NOT_STARTED = 49,
108   DBUS_INVALID_DICT_ENTRY_STARTED_BUT_NOT_ENDED = 50,
109   DBUS_INVALID_DICT_ENTRY_HAS_NO_FIELDS = 51,
110   DBUS_INVALID_DICT_ENTRY_HAS_ONLY_ONE_FIELD = 52,
111   DBUS_INVALID_DICT_ENTRY_HAS_TOO_MANY_FIELDS = 53,
112   DBUS_INVALID_DICT_ENTRY_NOT_INSIDE_ARRAY = 54,
113   DBUS_INVALID_DICT_KEY_MUST_BE_BASIC_TYPE = 55,
114   DBUS_INVALID_MISSING_UNIX_FDS = 56,
115   DBUS_INVALID_NESTED_TOO_DEEPLY = 57,
116   DBUS_VALIDITY_LAST
117 } DBusValidity;
118 
119 DBUS_PRIVATE_EXPORT
120 DBusValidity _dbus_validate_signature_with_reason (const DBusString *type_str,
121                                                    int               type_pos,
122                                                    int               len);
123 DBUS_PRIVATE_EXPORT
124 DBusValidity _dbus_validate_body_with_reason      (const DBusString *expected_signature,
125                                                    int               expected_signature_start,
126                                                    int               byte_order,
127                                                    int              *bytes_remaining,
128                                                    const DBusString *value_str,
129                                                    int               value_pos,
130                                                    int               len);
131 
132 const char *_dbus_validity_to_error_message (DBusValidity validity);
133 
134 DBUS_PRIVATE_EXPORT
135 dbus_bool_t _dbus_validate_path       (const DBusString *str,
136                                        int               start,
137                                        int               len);
138 DBUS_PRIVATE_EXPORT
139 dbus_bool_t _dbus_validate_interface  (const DBusString *str,
140                                        int               start,
141                                        int               len);
142 DBUS_PRIVATE_EXPORT
143 dbus_bool_t _dbus_validate_member     (const DBusString *str,
144                                        int               start,
145                                        int               len);
146 DBUS_PRIVATE_EXPORT
147 dbus_bool_t _dbus_validate_error_name (const DBusString *str,
148                                        int               start,
149                                        int               len);
150 DBUS_PRIVATE_EXPORT
151 dbus_bool_t _dbus_validate_bus_name   (const DBusString *str,
152                                        int               start,
153                                        int               len);
154 DBUS_PRIVATE_EXPORT
155 dbus_bool_t _dbus_validate_bus_namespace (const DBusString  *str,
156                                           int                start,
157                                           int                len);
158 /* just to have a name consistent with the above: */
159 #define _dbus_validate_utf8(s,b,e) _dbus_string_validate_utf8 (s, b, e)
160 
161 #ifdef DBUS_DISABLE_CHECKS
162 
163 /* Be sure they don't exist, since we don't want to use them outside of checks
164  * and so we want the compile failure.
165  */
166 #define DECLARE_DBUS_NAME_CHECK(what)
167 #define DEFINE_DBUS_NAME_CHECK(what)
168 
169 #else /* !DBUS_DISABLE_CHECKS */
170 
171 /** A name check is used in _dbus_return_if_fail(), it's not suitable
172  * for validating untrusted data. use _dbus_validate_whatever for that.
173  */
174 #define DECLARE_DBUS_NAME_CHECK(what) \
175 dbus_bool_t _dbus_check_is_valid_##what (const char *name)
176 
177 /** Define a name check to be used in _dbus_return_if_fail() statements.
178  */
179 #define DEFINE_DBUS_NAME_CHECK(what)                                    \
180 dbus_bool_t                                                             \
181 _dbus_check_is_valid_##what (const char *name)                          \
182 {                                                                       \
183   DBusString str;                                                       \
184                                                                         \
185   if (name == NULL)                                                     \
186     return FALSE;                                                       \
187                                                                         \
188   _dbus_string_init_const (&str, name);                                 \
189   return _dbus_validate_##what (&str, 0,                                \
190                                 _dbus_string_get_length (&str));        \
191 }
192 #endif /* !DBUS_DISABLE_CHECKS */
193 
194 /** defines _dbus_check_is_valid_path() */
195 DECLARE_DBUS_NAME_CHECK(path);
196 /** defines _dbus_check_is_valid_interface() */
197 DECLARE_DBUS_NAME_CHECK(interface);
198 /** defines _dbus_check_is_valid_member() */
199 DECLARE_DBUS_NAME_CHECK(member);
200 /** defines _dbus_check_is_valid_error_name() */
201 DECLARE_DBUS_NAME_CHECK(error_name);
202 /** defines _dbus_check_is_valid_bus_name() */
203 DECLARE_DBUS_NAME_CHECK(bus_name);
204 /** defines _dbus_check_is_valid_utf8() */
205 DECLARE_DBUS_NAME_CHECK(utf8);
206 
207 /** @} */
208 
209 #endif /* DBUS_MARSHAL_VALIDATE_H */
210