package/systemd/0002-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch - buildroot - Git at Google

 From febef5e18558c114f4fb7c94f6c8ed3520c50cdf Mon Sep 17 00:00:00 2001
 From: Riccardo Schirone <rschiron@redhat.com>
 Date: Mon, 4 Feb 2019 14:29:09 +0100
 Subject: [PATCH] Refuse dbus message paths longer than BUS_PATH_SIZE_MAX
  limit.

 Even though the dbus specification does not enforce any length limit on the
 path of a dbus message, having to analyze too long strings in PID1 may be
 time-consuming and it may have security impacts.

 In any case, the limit is set so high that real-life applications should not
 have a problem with it.

 (cherry picked from commit 61397a60d98e368a5720b37e83f3169e3eb511c4)
 Signed-off-by: Baruch Siach <baruch@tkos.co.il>
 ---
 Upstream status: commit 61397a60d98

  src/libsystemd/sd-bus/bus-internal.c | 2 +-
  src/libsystemd/sd-bus/bus-internal.h | 4 ++++
  2 files changed, 5 insertions(+), 1 deletion(-)

 diff --git a/src/libsystemd/sd-bus/bus-internal.c b/src/libsystemd/sd-bus/bus-internal.c
 index 40acae213381..598b7f110c73 100644
 --- a/src/libsystemd/sd-bus/bus-internal.c
 +++ b/src/libsystemd/sd-bus/bus-internal.c
 @@ -43,7 +43,7 @@ bool object_path_is_valid(const char *p) {
          if (slash)
                  return false;

 -        return true;
 +        return (q - p) <= BUS_PATH_SIZE_MAX;
  }

  char* object_path_startswith(const char *a, const char *b) {
 diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h
 index f208b294d8f1..a8d61bf72a4e 100644
 --- a/src/libsystemd/sd-bus/bus-internal.h
 +++ b/src/libsystemd/sd-bus/bus-internal.h
 @@ -332,6 +332,10 @@ struct sd_bus {

  #define BUS_MESSAGE_SIZE_MAX (128*1024*1024)
  #define BUS_AUTH_SIZE_MAX (64*1024)
 +/* Note that the D-Bus specification states that bus paths shall have no size limit. We enforce here one
 + * anyway, since truly unbounded strings are a security problem. The limit we pick is relatively large however,
 + * to not clash unnecessarily with real-life applications. */
 +#define BUS_PATH_SIZE_MAX (64*1024)

  #define BUS_CONTAINER_DEPTH 128

 --
 2.20.1
	From febef5e18558c114f4fb7c94f6c8ed3520c50cdf Mon Sep 17 00:00:00 2001
	From: Riccardo Schirone <rschiron@redhat.com>
	Date: Mon, 4 Feb 2019 14:29:09 +0100
	Subject: [PATCH] Refuse dbus message paths longer than BUS_PATH_SIZE_MAX
	limit.

	Even though the dbus specification does not enforce any length limit on the
	path of a dbus message, having to analyze too long strings in PID1 may be
	time-consuming and it may have security impacts.

	In any case, the limit is set so high that real-life applications should not
	have a problem with it.

	(cherry picked from commit 61397a60d98e368a5720b37e83f3169e3eb511c4)
	Signed-off-by: Baruch Siach <baruch@tkos.co.il>
	---
	Upstream status: commit 61397a60d98

	src/libsystemd/sd-bus/bus-internal.c \| 2 +-
	src/libsystemd/sd-bus/bus-internal.h \| 4 ++++
	2 files changed, 5 insertions(+), 1 deletion(-)

	diff --git a/src/libsystemd/sd-bus/bus-internal.c b/src/libsystemd/sd-bus/bus-internal.c
	index 40acae213381..598b7f110c73 100644
	--- a/src/libsystemd/sd-bus/bus-internal.c
	+++ b/src/libsystemd/sd-bus/bus-internal.c
	@@ -43,7 +43,7 @@ bool object_path_is_valid(const char *p) {
	if (slash)
	return false;

	- return true;
	+ return (q - p) <= BUS_PATH_SIZE_MAX;
	}

	char* object_path_startswith(const char a, const char b) {
	diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h
	index f208b294d8f1..a8d61bf72a4e 100644
	--- a/src/libsystemd/sd-bus/bus-internal.h
	+++ b/src/libsystemd/sd-bus/bus-internal.h
	@@ -332,6 +332,10 @@ struct sd_bus {

	#define BUS_MESSAGE_SIZE_MAX (12810241024)
	#define BUS_AUTH_SIZE_MAX (64*1024)
	+/* Note that the D-Bus specification states that bus paths shall have no size limit. We enforce here one
	+ * anyway, since truly unbounded strings are a security problem. The limit we pick is relatively large however,
	+ * to not clash unnecessarily with real-life applications. */
	+#define BUS_PATH_SIZE_MAX (64*1024)

	#define BUS_CONTAINER_DEPTH 128

	--
	2.20.1