Bugzilla – Bug 34726
Should send back an error if a message is corrupt (e.g. non-UTF-8 strings)
Last modified: 2014-09-25 14:51:54 UTC
+++ This bug was initially created as a clone of Bug #16338 +++
On the original bug, Havoc wrote:
> Unfortunately, it's quite challenging to modify dbus-daemon to try sending back
> an error reply before it closes the socket; there may be another open bug about
> that, or at least a thread in list archives, and I think a patch makes sense,
> but, it isn't an easy patch to write iirc. (I don't remember the details.)
> The daemon would need to write out an error reply to the not-well-formed
> message, flush the socket as possible without blocking, then close the socket,
> all synchronously. 99% of the time the client would get the error, for
> debugging purposes, though it would not be guaranteed.
> That would be a good patch, in the meantime there's a simple fix that would
> have saved you: add a _dbus_return_if_fail(validate_utf8(arg)) to whatever
> public API function allowed you to marshal an invalid UTF-8 string.
and later, also:
I'm going to hijack Bug #16338 for "validate the UTF-8 before sending", which fixes the 99% case.
It's still a bug that we don't send back an error, hence this clone, but adding those checks will mean we can drop the severity.