sysmocom
/
ofono
mirror of git://git.sysmocom.de/ofono
11
0
Fork 0
Code Issues Releases Activity

sim-auth: Avoid using dbus_message_iter_get_element_count 

It's the only thing in ofono that requires dbus 1.9.16 or later and it's
not worth it.

And don't leak DBusMessage on format error.
This commit is contained in:
Slava Monich 2017-11-27 13:06:44 +02:00 committed by Denis Kenzior
parent 399cb61d1f
commit 94c1975801
1 changed files with 9 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/sim-auth.c
View File

@ -369,9 +369,7 @@ static DBusMessage *usim_gsm_authenticate(DBusConnection *conn,
struct ofono_sim_auth *sa = data; struct ofono_sim_auth *sa = data;
DBusMessageIter iter; DBusMessageIter iter;
DBusMessageIter array; DBusMessageIter array;
int i;
uint8_t *aid; uint8_t *aid;
int rands;
if (sa->pending) if (sa->pending)
return __ofono_error_busy(msg); return __ofono_error_busy(msg);
@ -381,27 +379,22 @@ static DBusMessage *usim_gsm_authenticate(DBusConnection *conn,
if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY) if (dbus_message_iter_get_arg_type(&iter) != DBUS_TYPE_ARRAY)
return __ofono_error_invalid_format(msg); return __ofono_error_invalid_format(msg);
rands = dbus_message_iter_get_element_count(&iter);
if (rands > 3 || rands < 2)
return __ofono_error_invalid_format(msg);
sa->pending = g_new0(struct auth_request, 1); sa->pending = g_new0(struct auth_request, 1);
sa->pending->msg = dbus_message_ref(msg);
sa->pending->num_rands = rands;
dbus_message_iter_recurse(&iter, &array); dbus_message_iter_recurse(&iter, &array);
for (i = 0; i < sa->pending->num_rands; i++) { while (dbus_message_iter_get_arg_type(&array) == DBUS_TYPE_ARRAY) {
int nelement; int nelement;
DBusMessageIter in; DBusMessageIter in;
dbus_message_iter_recurse(&array, &in); dbus_message_iter_recurse(&array, &in);
if (dbus_message_iter_get_arg_type(&in) != DBUS_TYPE_BYTE) if (dbus_message_iter_get_arg_type(&in) != DBUS_TYPE_BYTE ||
sa->pending->num_rands == SIM_AUTH_MAX_RANDS)
goto format_error; goto format_error;
dbus_message_iter_get_fixed_array(&in, &sa->pending->rands[i], dbus_message_iter_get_fixed_array(&in,
&sa->pending->rands[sa->pending->num_rands++],
&nelement); &nelement);
if (nelement != 16) if (nelement != 16)
@ -410,12 +403,15 @@ static DBusMessage *usim_gsm_authenticate(DBusConnection *conn,
dbus_message_iter_next(&array); dbus_message_iter_next(&array);
} }
if (sa->pending->num_rands < 2)
goto format_error;
/* /*
* retrieve session from SIM * retrieve session from SIM
*/ */
aid = find_aid_by_path(sa->aid_objects, dbus_message_get_path(msg)); aid = find_aid_by_path(sa->aid_objects, dbus_message_get_path(msg));
sa->pending->session = __ofono_sim_get_session_by_aid(sa->sim, aid); sa->pending->session = __ofono_sim_get_session_by_aid(sa->sim, aid);
sa->pending->msg = dbus_message_ref(msg);
sa->pending->watch_id = __ofono_sim_add_session_watch( sa->pending->watch_id = __ofono_sim_add_session_watch(
sa->pending->session, get_session_cb, sa, NULL); sa->pending->session, get_session_cb, sa, NULL);