From 02fdd82e67265a85c76e4316a00b9ddc7567052e Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Wed, 31 May 2017 18:00:40 +0100 Subject: [PATCH 1/4] test/monitor: Assert that BecomeMonitor() on wrong object path fails Signed-off-by: Simon McVittie --- test/monitor.c | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/test/monitor.c b/test/monitor.c index 0402d4a8..71ae2ae8 100644 --- a/test/monitor.c +++ b/test/monitor.c @@ -601,6 +601,49 @@ test_invalid (Fixture *f, g_assert_cmpstr (dbus_message_get_error_name (m), ==, DBUS_ERROR_INVALID_ARGS); + /* Try to become a monitor but use the wrong object path - not allowed + * (security hardening against inappropriate XML policy rules) */ + + dbus_pending_call_unref (pc); + dbus_message_unref (m); + + m = dbus_message_new_method_call (DBUS_SERVICE_DBUS, + "/", DBUS_INTERFACE_MONITORING, "BecomeMonitor"); + + if (m == NULL) + g_error ("OOM"); + + dbus_message_iter_init_append (m, &appender); + + if (!dbus_message_iter_open_container (&appender, DBUS_TYPE_ARRAY, "s", + &array_appender)) + g_error ("OOM"); + + if (!dbus_message_iter_close_container (&appender, &array_appender) || + !dbus_message_iter_append_basic (&appender, DBUS_TYPE_UINT32, &zero)) + g_error ("OOM"); + + if (!dbus_connection_send_with_reply (f->monitor, m, &pc, + DBUS_TIMEOUT_USE_DEFAULT) || + pc == NULL) + g_error ("OOM"); + + dbus_message_unref (m); + m = NULL; + + if (dbus_pending_call_get_completed (pc)) + test_pending_call_store_reply (pc, &m); + else if (!dbus_pending_call_set_notify (pc, test_pending_call_store_reply, + &m, NULL)) + g_error ("OOM"); + + while (m == NULL) + test_main_context_iterate (f->ctx, TRUE); + + g_assert_cmpint (dbus_message_get_type (m), ==, DBUS_MESSAGE_TYPE_ERROR); + g_assert_cmpstr (dbus_message_get_error_name (m), ==, + DBUS_ERROR_ACCESS_DENIED); + /* Try to become a monitor but specify a bad match rule - * also not allowed */ -- 2.11.0