bus-message: validate signature in gvariant messages
We would accept a message with 40k signature and spend a lot of time iterating over the nested arrays. Let's just reject it early, as we do for !gvariant messages.
This commit is contained in:
parent
4ddff52640
commit
f0ae945ecc
|
@ -5152,7 +5152,7 @@ int bus_message_parse_fields(sd_bus_message *m) {
|
|||
return -EBADMSG;
|
||||
|
||||
if (*p == 0) {
|
||||
char *k;
|
||||
_cleanup_free_ char *k = NULL;
|
||||
size_t l;
|
||||
|
||||
/* We found the beginning of the signature
|
||||
|
@ -5170,6 +5170,9 @@ int bus_message_parse_fields(sd_bus_message *m) {
|
|||
if (!k)
|
||||
return -ENOMEM;
|
||||
|
||||
if (!signature_is_valid(k, true))
|
||||
return -EBADMSG;
|
||||
|
||||
free_and_replace(m->root_container.signature, k);
|
||||
break;
|
||||
}
|
||||
|
|
Binary file not shown.
Loading…
Reference in New Issue